Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-30 | CVE-2019-12457 | Path Traversal vulnerability in Afian Filerun 2019.05.21 FileRun 2019.05.21 allows images/extjs Directory Listing. | 5.3 |
| 2019-05-29 | CVE-2018-16221 | Path Traversal vulnerability in Yealink Ultra-Elegant IP Phone Sip-T41P Firmware 66.83.0.35 The diagnostics web interface in the Yeahlink Ultra-elegant IP Phone SIP-T41P (firmware 66.83.0.35) does not validate (escape) the path information (path traversal), which allows an authenticated remote attacker to get access to privileged information (e.g., /etc/passwd) via path traversal (relative path information in the file parameter of the corresponding POST request). | 8.0 |
| 2019-05-29 | CVE-2019-9858 | Path Traversal vulnerability in multiple products Remote code execution was discovered in Horde Groupware Webmail 5.2.22 and 5.2.17. | 8.8 |
| 2019-05-24 | CVE-2016-10759 | Path Traversal vulnerability in Precurio 2.1 The Xinha plugin in Precurio 2.1 allows Directory Traversal, with resultant arbitrary code execution, via ExtendedFileManager/Classes/ExtendedFileManager.php because ExtendedFileManager can be used to rename the .htaccess file that blocks .php uploads. | 9.8 |
| 2019-05-24 | CVE-2019-12314 | Path Traversal vulnerability in Deltek Maconomy 2.2.5 Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path traversal in the WS.macx1.W_MCS/ PATH_INFO, as demonstrated by a cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS/etc/passwd URI. | 9.8 |
| 2019-05-23 | CVE-2019-12309 | Path Traversal vulnerability in Dotcms dotCMS before 5.1.0 has a path traversal vulnerability exploitable by an administrator to create files. | 4.9 |
| 2019-05-23 | CVE-2019-7106 | Path Traversal vulnerability in Adobe XD 16.0 Adobe XD versions 16.0 and earlier have a path traversal vulnerability. | 9.8 |
| 2019-05-23 | CVE-2019-7105 | Path Traversal vulnerability in Adobe XD 16.0 Adobe XD versions 16.0 and earlier have a path traversal vulnerability. | 9.8 |
| 2019-05-22 | CVE-2019-11231 | Path Traversal vulnerability in Get-Simple Getsimple CMS An issue was discovered in GetSimple CMS through 3.3.15. | 9.8 |
| 2019-05-22 | CVE-2019-12277 | Path Traversal vulnerability in Blogifier 2.3 Blogifier 2.3 before 2019-05-11 does not properly restrict APIs, as demonstrated by missing checks for .. | 9.8 |