Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-21 | CVE-2019-10720 | Path Traversal vulnerability in Blogengine Blogengine.Net BlogEngine.NET 3.3.7.0 and earlier allows Directory Traversal and Remote Code Execution via the theme cookie to the File Manager. | 8.8 |
| 2019-06-21 | CVE-2019-10719 | Path Traversal vulnerability in Dotnetblogengine Blogengine.Net BlogEngine.NET 3.3.7.0 and earlier allows Directory Traversal and Remote Code Execution because file creation is mishandled, related to /api/upload and BlogEngine.NET/AppCode/Api/UploadController.cs. | 8.8 |
| 2019-06-20 | CVE-2019-12901 | Path Traversal vulnerability in Pydio Cells Pydio Cells before 1.5.0 fails to neutralize '../' elements, allowing an attacker with minimum privilege to Upload files to, and Delete files/folders from, an unprivileged directory, leading to Privilege escalation. | 8.8 |
| 2019-06-19 | CVE-2019-3737 | Path Traversal vulnerability in Dell Avamar Data Migration Enabler web Interface 1.0.50/1.0.51 Dell EMC Avamar ADMe Web Interface 1.0.50 and 1.0.51 are affected by an LFI vulnerability which may allow a malicious user to download arbitrary files from the affected system by sending a specially crafted request to the Web Interface application. | 7.5 |
| 2019-06-19 | CVE-2018-16594 | Path Traversal vulnerability in Sony products The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices allows Directory Traversal. | 8.1 |
| 2019-06-19 | CVE-2018-18863 | Path Traversal vulnerability in Ngahr Resourcelink 20.0.2.1 NGA ResourceLink 20.0.2.1 allows local file inclusion. | 6.5 |
| 2019-06-19 | CVE-2019-4384 | Path Traversal vulnerability in IBM Campaign 10.1/9.1.2 IBM Campaign 9.1.2 and 10.1 could allow a remote attacker to traverse directories on the system. | 4.3 |
| 2019-06-19 | CVE-2019-10257 | Path Traversal vulnerability in Zucchetti HR Portal 20190315 Zucchetti HR Portal through 2019-03-15 allows Directory Traversal. | 7.5 |
| 2019-06-18 | CVE-2018-18876 | Path Traversal vulnerability in Columbiaweather Weather Microserver Firmware Ms2.6.9900 In firmware version MS_2.6.9900 of Columbia Weather MicroServer, a readouts_rd.php directory traversal issue makes it possible to read any file present on the underlying operating system. | 5.3 |
| 2019-06-17 | CVE-2017-9386 | Path Traversal vulnerability in Getvera Veraedge Firmware and Veralite Firmware An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. | 6.5 |