Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-27 | CVE-2019-3632 | Path Traversal vulnerability in Mcafee Enterprise Security Manager Directory Traversal vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to gain elevated privileges via specially crafted input. | 8.8 |
| 2019-06-27 | CVE-2019-7227 | Path Traversal vulnerability in ABB Pb610 Panel Builder 600 Firmware 1.91/2.8.0.367 In the ABB IDAL FTP server, an authenticated attacker can traverse to arbitrary directories on the hard disk with "CWD ../" and then use the FTP server functionality to download and upload files. | 7.3 |
| 2019-06-27 | CVE-2019-4252 | Path Traversal vulnerability in IBM products IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 could allow a remote attacker to traverse directories on the system. | 7.5 |
| 2019-06-27 | CVE-2019-1621 | Path Traversal vulnerability in Cisco Data Center Network Manager 11.0(1) A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to gain access to sensitive files on an affected device. | 7.5 |
| 2019-06-27 | CVE-2019-1620 | Path Traversal vulnerability in Cisco Data Center Network Manager 11.0(1) A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to upload arbitrary files on an affected device. | 9.8 |
| 2019-06-21 | CVE-2019-10720 | Path Traversal vulnerability in Blogengine Blogengine.Net BlogEngine.NET 3.3.7.0 and earlier allows Directory Traversal and Remote Code Execution via the theme cookie to the File Manager. | 8.8 |
| 2019-06-21 | CVE-2019-10719 | Path Traversal vulnerability in Dotnetblogengine Blogengine.Net BlogEngine.NET 3.3.7.0 and earlier allows Directory Traversal and Remote Code Execution because file creation is mishandled, related to /api/upload and BlogEngine.NET/AppCode/Api/UploadController.cs. | 8.8 |
| 2019-06-20 | CVE-2019-12901 | Path Traversal vulnerability in Pydio Cells Pydio Cells before 1.5.0 fails to neutralize '../' elements, allowing an attacker with minimum privilege to Upload files to, and Delete files/folders from, an unprivileged directory, leading to Privilege escalation. | 8.8 |
| 2019-06-19 | CVE-2019-3737 | Path Traversal vulnerability in Dell Avamar Data Migration Enabler web Interface 1.0.50/1.0.51 Dell EMC Avamar ADMe Web Interface 1.0.50 and 1.0.51 are affected by an LFI vulnerability which may allow a malicious user to download arbitrary files from the affected system by sending a specially crafted request to the Web Interface application. | 7.5 |
| 2019-06-19 | CVE-2018-16594 | Path Traversal vulnerability in Sony products The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices allows Directory Traversal. | 8.1 |