Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-09 | CVE-2019-14798 | Path Traversal vulnerability in 10Web Photo Gallery The 10Web Photo Gallery plugin before 1.5.25 for WordPress has Authenticated Local File Inclusion via directory traversal in the wp-admin/admin-ajax.php?action=shortcode_bwg tagtext parameter. | 4.9 |
| 2019-08-09 | CVE-2019-14312 | Path Traversal vulnerability in Aptana Jaxer 1.0.3.4547 Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulnerability in the wikilite source code viewer. | 6.5 |
| 2019-08-06 | CVE-2019-14701 | Path Traversal vulnerability in Microdigital products An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. | 7.5 |
| 2019-08-06 | CVE-2019-14700 | Path Traversal vulnerability in Microdigital products An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. | 7.5 |
| 2019-08-05 | CVE-2019-14521 | Path Traversal vulnerability in Emca Energy Logserver 6.1.2 The api/admin/logoupload Logo File upload feature in EMCA Energy Logserver 6.1.2 allows attackers to send any kind of file to any location on the server via path traversal in the filename parameter. | 7.5 |
| 2019-08-02 | CVE-2019-7859 | Path Traversal vulnerability in Magento A path traversal vulnerability in the WYSIWYG editor for Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 could result in unauthorized access to uploaded images due to insufficient access control. | 7.5 |
| 2019-08-02 | CVE-2017-18448 | Path Traversal vulnerability in Cpanel cPanel before 64.0.21 allows certain file-read operations via a Serverinfo_manpage API call (SEC-252). | 5.3 |
| 2019-08-02 | CVE-2019-10168 | Path Traversal vulnerability in Redhat products The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. | 7.8 |
| 2019-08-01 | CVE-2016-10828 | Path Traversal vulnerability in Cpanel cPanel before 55.9999.141 allows arbitrary code execution because of an unsafe @INC path (SEC-97). | 8.8 |
| 2019-07-31 | CVE-2019-14452 | Path Traversal vulnerability in multiple products Sigil before 0.9.16 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction. | 7.5 |