Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-10 | CVE-2015-9470 | Path Traversal vulnerability in Ionadas History Collection 1.0.1/1.0.2/1.1.1 The history-collection plugin through 1.1.1 for WordPress has directory traversal via the download.php var parameter. | 7.5 |
| 2019-10-10 | CVE-2015-9463 | Path Traversal vulnerability in S3Bubble S3Bubble-Amazon-S3-Audio-Streaming 2.0 The s3bubble-amazon-s3-audio-streaming plugin 2.0 for WordPress has directory traversal via the adverts/assets/plugins/ultimate/content/downloader.php path parameter. | 7.5 |
| 2019-10-10 | CVE-2015-9464 | Path Traversal vulnerability in S3Bubble S3Bubble-Amazon-S3-Html-5-Video-With-Adverts 0.7 The s3bubble-amazon-s3-html-5-video-with-adverts plugin 0.7 for WordPress has directory traversal via the adverts/assets/plugins/ultimate/content/downloader.php path parameter. | 7.5 |
| 2019-10-09 | CVE-2019-17109 | Path Traversal vulnerability in Koji Project Koji Koji through 1.18.0 allows remote Directory Traversal, with resultant Privilege Escalation. | 6.5 |
| 2019-10-09 | CVE-2019-0074 | Path Traversal vulnerability in Juniper Junos A path traversal vulnerability in NFX150 Series and QFX10K Series, EX9200 Series, MX Series and PTX Series devices with Next-Generation Routing Engine (NG-RE) allows a local authenticated user to read sensitive system files. | 5.5 |
| 2019-10-09 | CVE-2019-17399 | Path Traversal vulnerability in Joomlashack Shack Forms PRO The Shack Forms Pro extension before 4.0.32 for Joomla! allows path traversal via a file attachment. | 9.8 |
| 2019-10-08 | CVE-2019-17187 | Path Traversal vulnerability in Fiberhome Hg2201T Firmware 1.00.M5007Js201804 /var/WEB-GUI/cgi-bin/downloadfile.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication Directory Traversal for reading arbitrary files. | 7.5 |
| 2019-10-07 | CVE-2019-17314 | Path Traversal vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the Configurator module by an Admin user. | 7.2 |
| 2019-10-07 | CVE-2019-17313 | Path Traversal vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the Studio module by a Developer user. | 8.8 |
| 2019-10-07 | CVE-2019-17312 | Path Traversal vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the file function by a Regular user. | 8.8 |