Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-28 | CVE-2019-14322 | Path Traversal vulnerability in Palletsprojects Werkzeug In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames. | 7.5 |
| 2019-07-26 | CVE-2019-10265 | Path Traversal vulnerability in Ahsay Cloud Backup Suite An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. | 7.5 |
| 2019-07-26 | CVE-2019-13385 | Path Traversal vulnerability in Control-Webpanel Webpanel 0.9.8.840 In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.840, File and Directory Information Exposure in filemanager allows attackers to enumerate users and check for active users of the application by reading /tmp/login.log. | 4.3 |
| 2019-07-23 | CVE-2019-1010205 | Path Traversal vulnerability in Linagora Hublin LINAGORA hublin latest (commit 72ead897082403126bf8df9264e70f0a9de247ff) is affected by: Directory Traversal. | 7.5 |
| 2019-07-23 | CVE-2019-14240 | Path Traversal vulnerability in Wcms 0.3.2 WCMS v0.3.2 has a CSRF vulnerability, with resultant directory traversal, to modify index.html via the /wex/html.php?finish=../index.html URI. | 8.1 |
| 2019-07-21 | CVE-2019-14206 | Path Traversal vulnerability in Nevma Adaptive Images An Arbitrary File Deletion vulnerability in the Nevma Adaptive Images plugin before 0.6.67 for WordPress allows remote attackers to delete arbitrary files via the $REQUEST['adaptive-images-settings'] parameter in adaptive-images-script.php. | 7.5 |
| 2019-07-21 | CVE-2019-14205 | Path Traversal vulnerability in Nevma Adaptive Images A Local File Inclusion vulnerability in the Nevma Adaptive Images plugin before 0.6.67 for WordPress allows remote attackers to retrieve arbitrary files via the $REQUEST['adaptive-images-settings']['source_file'] parameter in adaptive-images-script.php. | 7.5 |
| 2019-07-19 | CVE-2019-1010151 | Path Traversal vulnerability in Zzcms Zzmcms 8.3 zzcms zzmcms 8.3 and earlier is affected by: File Delete to getshell. | 9.8 |
| 2019-07-17 | CVE-2019-13584 | Path Traversal vulnerability in Fanucamerica Robotics Virtual Robot Controller 8.23 The remote admin webserver on FANUC Robotics Virtual Robot Controller 8.23 allows Directory Traversal via a forged HTTP request. | 5.3 |
| 2019-07-17 | CVE-2019-10352 | Path Traversal vulnerability in Jenkins A path traversal vulnerability in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier in core/src/main/java/hudson/model/FileParameterValue.java allowed attackers with Job/Configure permission to define a file parameter with a file name outside the intended directory, resulting in an arbitrary file write on the Jenkins master when scheduling a build. | 6.5 |