Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-11 | CVE-2019-3415 | Path Traversal vulnerability in ZTE Zxmw Nr8000 Firmware 2.4.4.03/2.4.4.04 ZTE MW NR8000V2.4.4.03 and NR8000V2.4.4.04 are impacted by path traversal vulnerability. | 5.7 |
| 2019-07-11 | CVE-2019-9886 | Path Traversal vulnerability in Eclass IP 2.5 Any URLs with download_attachment.php under templates or home folders can allow arbitrary files downloaded without login in BroadLearning eClass before version ip.2.5.10.2.1. | 7.5 |
| 2019-07-10 | CVE-2019-5444 | Path Traversal vulnerability in Serve-Here.Js Project Serve-Here.Js Path traversal vulnerability in version up to v1.1.3 in serve-here.js npm module allows attackers to list any file in arbitrary folder. | 5.3 |
| 2019-07-10 | CVE-2019-5221 | Path Traversal vulnerability in Huawei Mate 20 X Firmware There is a path traversal vulnerability on Huawei Share. | 6.5 |
| 2019-07-10 | CVE-2019-13396 | Path Traversal vulnerability in Getflightpath Flightpath FlightPath 4.x and 5.0-x allows directory traversal and Local File Inclusion through the form_include parameter in an index.php?q=system-handle-form-submit POST request because of an include_once in system_handle_form_submit in modules/system/system.module. | 5.3 |
| 2019-07-08 | CVE-2019-12925 | Path Traversal vulnerability in Mailenable MailEnable Enterprise Premium 10.23 was vulnerable to multiple directory traversal issues, with which authenticated users could add, remove, or potentially read files in arbitrary folders accessible by the IIS user. | 8.1 |
| 2019-07-04 | CVE-2019-13241 | Path Traversal vulnerability in multiple products FlightCrew v0.9.2 and older are vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction. | 7.8 |
| 2019-07-03 | CVE-2019-10717 | Path Traversal vulnerability in Dotnetblogengine Blogengine.Net 3.3.7.0 BlogEngine.NET 3.3.7.0 allows /api/filemanager Directory Traversal via the path parameter. | 7.1 |
| 2019-07-02 | CVE-2019-7254 | Path Traversal vulnerability in Nortekcontrol products Linear eMerge E3-Series devices allow File Inclusion. | 7.5 |
| 2019-07-02 | CVE-2019-7253 | Path Traversal vulnerability in Nortekcontrol products Linear eMerge E3-Series devices allow Directory Traversal. | 9.8 |