Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2019-09-19 CVE-2019-14994 Path Traversal vulnerability in Atlassian Jira Service Desk
The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before version 3.9.16, from version 3.10.0 before version 3.16.8, from version 4.0.0 before version 4.1.3, from version 4.2.0 before version 4.2.5, from version 4.3.0 before version 4.3.4, and version 4.4.0 allows remote attackers with portal access to view arbitrary issues in Jira Service Desk projects via a path traversal vulnerability.
network
low complexity
atlassian CWE-22
7.5
2019-09-18 CVE-2018-1847 Path Traversal vulnerability in IBM Financial Transaction Manager for Multiplatform
IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) v2.0.0.0 through 2.0.0.5, v2.1.0.0 through 2.1.0.4, v2.1.1.0 through 2.1.1.4, and v3.0.0.0 through 3.0.0.8 could allow a remote attacker to traverse directories on the system.
network
low complexity
ibm CWE-22
6.5
2019-09-17 CVE-2019-4442 Path Traversal vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the file system.
network
low complexity
ibm CWE-22
4.3
2019-09-17 CVE-2019-4268 Path Traversal vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system.
network
low complexity
ibm CWE-22
5.3
2019-09-17 CVE-2016-10977 Path Traversal vulnerability in Neliosoftware Nelio AB Testing
The nelio-ab-testing plugin before 4.5.0 for WordPress has filename=..%2f directory traversal.
network
low complexity
neliosoftware CWE-22
6.5
2019-09-16 CVE-2019-0207 Path Traversal vulnerability in Apache Tapestry 5.4.0
Tapestry processes assets under `/assets/ctx` using the class chain `StaticFilesFilter -> AssetDispatcher -> ContextResource`, which doesn't filter the character `\`, so an attacker can perform a path traversal attack to read any file on the Windows platform.
network
low complexity
apache CWE-22
7.5
2019-09-16 CVE-2016-10966 Path Traversal vulnerability in Creativeinteractivemedia Real3D Flipbook 1.0
The real3d-flipbook-lite plugin 1.0 for WordPress has bookName=../ directory traversal for file upload.
network
low complexity
creativeinteractivemedia CWE-22
7.5
2019-09-16 CVE-2016-10965 Path Traversal vulnerability in Creativeinteractivemedia Real3D Flipbook 1.0
The real3d-flipbook-lite plugin 1.0 for WordPress has deleteBook=../ directory traversal for file deletion.
network
low complexity
creativeinteractivemedia CWE-22
7.5
2019-09-13 CVE-2019-5484 Path Traversal vulnerability in Bower
Bower before 1.8.8 has a path traversal vulnerability permitting file write in arbitrary locations via the install command, which allows attackers to write arbitrary files when a malicious package is extracted.
network
low complexity
bower CWE-22
7.5
2019-09-13 CVE-2019-13532 Path Traversal vulnerability in Codesys products
CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted HTTP or HTTPS requests which may allow access to files outside the restricted working directory of the controller.
network
low complexity
codesys CWE-22
7.5