Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-26 | CVE-2019-6022 | Path Traversal vulnerability in Cybozu Office Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to alter arbitrary files via the 'Customapp' function. | 6.5 |
| 2019-12-19 | CVE-2019-19141 | Path Traversal vulnerability in Plex Media Server 0.9.9.2/1.13.2.5154/1.18.2.2029 The Camera Upload functionality in Plex Media Server through 1.18.2.2029 allows remote authenticated users to write files anywhere the user account running the Plex Media Server has permissions. | 8.8 |
| 2019-12-19 | CVE-2019-7483 | Path Traversal vulnerability in Sonicwall SMA 100 Firmware 9.0.0.0/9.0.0.3 In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server. | 7.5 |
| 2019-12-18 | CVE-2019-15600 | Path Traversal vulnerability in Http Server Project Http Server 1.0.12 A Path traversal exists in http_server which allows an attacker to read arbitrary system files. | 7.5 |
| 2019-12-18 | CVE-2019-15596 | Path Traversal vulnerability in Statics-Server Project Statics-Server A path traversal in statics-server exists in all version that allows an attacker to perform a path traversal when a symlink is used within the working directory. | 7.5 |
| 2019-12-18 | CVE-2019-7289 | Path Traversal vulnerability in Apple Shortcuts A parsing issue in the handling of directory paths was addressed with improved path validation. | 5.5 |
| 2019-12-18 | CVE-2019-19845 | Path Traversal vulnerability in Joomla Joomla! In Joomla! before 3.9.14, a missing access check in framework files could lead to a path disclosure. | 5.3 |
| 2019-12-17 | CVE-2019-19848 | Path Traversal vulnerability in Typo3 An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. | 7.2 |
| 2019-12-17 | CVE-2019-19264 | Path Traversal vulnerability in Simplifile Recordfusion 20191125 In Simplifile RecordFusion through 2019-11-25, the logs and hist parameters allow remote attackers to access local files via a logger/logs?/../ or logger/hist?/../ URI. | 7.5 |
| 2019-12-16 | CVE-2019-19731 | Path Traversal vulnerability in Roxyfileman Roxy Fileman 1.4.5 Roxy Fileman 1.4.5 for .NET is vulnerable to path traversal. | 7.5 |