Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-17 | CVE-2019-19264 | Path Traversal vulnerability in Simplifile Recordfusion 20191125 In Simplifile RecordFusion through 2019-11-25, the logs and hist parameters allow remote attackers to access local files via a logger/logs?/../ or logger/hist?/../ URI. | 7.5 |
| 2019-12-16 | CVE-2019-19731 | Path Traversal vulnerability in Roxyfileman Roxy Fileman 1.4.5 Roxy Fileman 1.4.5 for .NET is vulnerable to path traversal. | 7.5 |
| 2019-12-13 | CVE-2019-19790 | Path Traversal vulnerability in Telerik Radchart and UI for Asp.Net Ajax Path traversal in RadChart in Telerik UI for ASP.NET AJAX allows a remote attacker to read and delete an image with extension .BMP, .EXIF, .GIF, .ICON, .JPEG, .PNG, .TIFF, or .WMF on the server through a specially crafted request. | 9.8 |
| 2019-12-13 | CVE-2019-5251 | Path Traversal vulnerability in Huawei products There is a path traversal vulnerability in several Huawei smartphones. | 5.5 |
| 2019-12-13 | CVE-2019-16776 | Path Traversal vulnerability in multiple products Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. | 8.1 |
| 2019-12-12 | CVE-2019-13944 | Path Traversal vulnerability in Siemens products A vulnerability has been identified in EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.37), EN100 Ethernet module IEC104 variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions). | 5.3 |
| 2019-12-12 | CVE-2019-16246 | Path Traversal vulnerability in Intesync Solismed 3.3 Intesync Solismed 3.3sp1 allows Local File Inclusion (LFI), a different vulnerability than CVE-2019-15931. | 9.8 |
| 2019-12-12 | CVE-2019-15931 | Path Traversal vulnerability in Intesync Solismed 3.3 Intesync Solismed 3.3sp allows Directory Traversal, a different vulnerability than CVE-2019-16246. | 9.8 |
| 2019-12-11 | CVE-2019-19374 | Path Traversal vulnerability in Squiz Matrix An issue was discovered in core/assets/form/form_question_types/form_question_type_file_upload/form_question_type_file_upload.inc in Squiz Matrix CMS 5.5.0 prior to 5.5.0.3, 5.5.1 prior to 5.5.1.8, 5.5.2 prior to 5.5.2.4, and 5.5.3 prior to 5.5.3.3 where a user can delete arbitrary files from the server during interaction with the File Upload field type, when a custom form exists. | 9.1 |
| 2019-12-09 | CVE-2019-19683 | Path Traversal vulnerability in Nopcommerce 4.20 RoxyFileman, as shipped with nopCommerce v4.2.0, is vulnerable to ../ path traversal via d or f to Admin/RoxyFileman/ProcessRequest because of Libraries/Nop.Services/Media/RoxyFileman/FileRoxyFilemanService.cs. | 9.1 |