Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-29 | CVE-2019-3394 | Path Traversal vulnerability in Atlassian Confluence There was a local file disclosure vulnerability in Confluence Server and Confluence Data Center via page exporting. | 8.8 |
| 2019-08-29 | CVE-2019-11249 | Path Traversal vulnerability in multiple products The kubectl cp command allows copying files between containers and the user machine. | 6.5 |
| 2019-08-29 | CVE-2019-11246 | Path Traversal vulnerability in Kubernetes The kubectl cp command allows copying files between containers and the user machine. | 6.5 |
| 2019-08-28 | CVE-2019-15714 | Path Traversal vulnerability in Entropic Project Entropic cli/lib/main.js in Entropic before 2019-06-13 does not reject / and \ in command names, which might allow a directory traversal attack in unusual situations. | 5.3 |
| 2019-08-27 | CVE-2019-13237 | Path Traversal vulnerability in Alkacon Opencms Apollo Template 10.5.4/10.5.5 In Alkacon OpenCms 10.5.4 and 10.5.5, there are multiple resources vulnerable to Local File Inclusion that allow an attacker to access server resources: clearhistory.jsp, convertxml.jsp, group_new.jsp, loginmessage.jsp, xmlcontentrepair.jsp, and /system/workplace/admin/history/settings/index.jsp. | 4.3 |
| 2019-08-26 | CVE-2019-15055 | Path Traversal vulnerability in Mikrotik Routeros MikroTik RouterOS through 6.44.5 and 6.45.x through 6.45.3 improperly handles the disk name, which allows authenticated users to delete arbitrary files. | 6.5 |
| 2019-08-23 | CVE-2019-11654 | Path Traversal vulnerability in Microfocus Verastream Host Integrator 7.5/7.6/7.7 Path traversal vulnerability in Micro Focus Verastream Host Integrator (VHI), versions 7.7 SP2 and earlier, The vulnerability allows remote unauthenticated attackers to read arbitrary files. | 7.5 |
| 2019-08-23 | CVE-2019-15520 | Path Traversal vulnerability in Comelz Quark 0.2 comelz Quark before 2019-03-26 allows directory traversal to locations outside of the project directory. | 5.3 |
| 2019-08-23 | CVE-2019-15519 | Path Traversal vulnerability in Power-Response Project Power-Response Power-Response before 2019-02-02 allows directory traversal (up to the application's main directory) via a plugin. | 9.8 |
| 2019-08-23 | CVE-2019-15518 | Path Traversal vulnerability in Swoole Swoole before 4.2.13 allows directory traversal in swPort_http_static_handler. | 5.3 |