Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-04-14 | CVE-2020-6225 | Path Traversal vulnerability in SAP products SAP NetWeaver (Knowledge Management), versions (KMC-CM - 7.00, 7.01, 7.02, 7.30, 7.31, 7.40, 7.50 and KMC-WPC 7.30, 7.31, 7.40, 7.50), does not sufficiently validate path information provided by users, thus characters representing traverse to parent directory are passed through to the file APIs, allowing the attacker to overwrite, delete, or corrupt arbitrary files on the remote server, leading to Path Traversal. | 8.8 |
2020-04-13 | CVE-2020-11738 | Path Traversal vulnerability in Snapcreek Duplicator The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows Directory Traversal via ../ in the file parameter to duplicator_download or duplicator_init. | 7.5 |
2020-04-12 | CVE-2020-11705 | Path Traversal vulnerability in Provideserver Provide FTP Server 13.1 An issue was discovered in ProVide (formerly zFTPServer) through 13.1. | 9.8 |
2020-04-10 | CVE-2015-9546 | Path Traversal vulnerability in Google Android 4.4 An issue was discovered on Samsung mobile devices with KK(4.4) and later software through 2015-06-16. | 4.8 |
2020-04-09 | CVE-2020-10631 | Path Traversal vulnerability in Advantech Webaccess/Nms 2.0.3 An attacker could use a specially crafted URL to delete or read files outside the WebAccess/NMS's (versions prior to 3.0.2) control. | 9.8 |
2020-04-09 | CVE-2020-10619 | Path Traversal vulnerability in Advantech Webaccess/Nms 2.0.3 An attacker could use a specially crafted URL to delete files outside the WebAccess/NMS's (versions prior to 3.0.2) control. | 9.1 |
2020-04-08 | CVE-2020-10977 | Path Traversal vulnerability in Gitlab GitLab EE/CE 8.5 to 12.9 is vulnerable to a an path traversal when moving an issue between projects. | 5.5 |
2020-04-08 | CVE-2020-10366 | Path Traversal vulnerability in Logicaldoc LogicalDoc before 8.3.3 allows /servlet.gupld Directory Traversal, a different vulnerability than CVE-2020-9423 and CVE-2020-10365. | 7.5 |
2020-04-07 | CVE-2020-6974 | Path Traversal vulnerability in Honeywell Notifier Webserver 3.50 Honeywell Notifier Web Server (NWS) Version 3.50 is vulnerable to a path traversal attack, which allows an attacker to bypass access to restricted directories. | 9.8 |
2020-04-06 | CVE-2020-11596 | Path Traversal vulnerability in Cipplanner Cipace 6.80 A Directory Traversal issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. | 7.5 |