Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-22 | CVE-2014-10390 | Path Traversal vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has directory traversal. | 9.1 |
| 2019-08-22 | CVE-2019-14751 | Path Traversal vulnerability in Nltk NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in an NLTK package (ZIP archive) that is mishandled during extraction. | 7.5 |
| 2019-08-22 | CVE-2019-11029 | Path Traversal vulnerability in Mirasys VMS 7.6.0/8.0.0/8.3.1 Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Download() method of AutoUpdateService in SMServer.exe, leading to Directory Traversal. | 7.5 |
| 2019-08-22 | CVE-2019-11013 | Path Traversal vulnerability in Softvelum Nimble Streamer Nimble Streamer 3.0.2-2 through 3.5.4-9 has a ../ directory traversal vulnerability. | 6.5 |
| 2019-08-22 | CVE-2019-15323 | Path Traversal vulnerability in AD Inserter Project AD Inserter The ad-inserter plugin before 2.4.20 for WordPress has path traversal. | 7.5 |
| 2019-08-22 | CVE-2016-10924 | Path Traversal vulnerability in Zedna Ebook Download Project Zedna Ebook Download 1.0/1.1 The ebook-download plugin before 1.2 for WordPress has directory traversal. | 7.5 |
| 2019-08-21 | CVE-2019-11603 | Path Traversal vulnerability in Bosch IOT Gateway Software and Prosyst MBS SDK A HTTP Traversal Attack in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.0.2 allows remote attackers to read files outside the http root. | 7.5 |
| 2019-08-21 | CVE-2019-11601 | Path Traversal vulnerability in Bosch IOT Gateway Software and Prosyst MBS SDK A directory traversal vulnerability in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to write or delete files at any location. | 7.5 |
| 2019-08-20 | CVE-2019-4460 | Path Traversal vulnerability in IBM API Connect IBM API Connect 5.0.0.0 through 5.0.8.6 developer portal could allow a remote attacker to traverse directories on the system. | 7.5 |
| 2019-08-20 | CVE-2019-3967 | Path Traversal vulnerability in Open-Emr Openemr In OpenEMR 5.0.1 and earlier, the patient file download interface contains a directory traversal flaw that allows authenticated attackers to download arbitrary files from the host system. | 6.5 |