Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-05 | CVE-2019-8385 | Path Traversal vulnerability in Thomsonreuters Concourse Matter Room and Firm Central Desktop An issue was discovered in Thomson Reuters Desktop Extensions 1.9.0.358. | 9.8 |
| 2019-06-05 | CVE-2019-12276 | Path Traversal vulnerability in Grandnode 4.40 A Path Traversal vulnerability in Controllers/LetsEncryptController.cs in LetsEncryptController in GrandNode 4.40 allows remote, unauthenticated attackers to retrieve arbitrary files on the web server via specially crafted LetsEncrypt/Index?fileName= HTTP requests. | 7.5 |
| 2019-06-05 | CVE-2019-5356 | Path Traversal vulnerability in HP Intelligent Management Center A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | 9.8 |
| 2019-06-04 | CVE-2018-13379 | Path Traversal vulnerability in Fortinet Fortios and Fortiproxy An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests. | 9.8 |
| 2019-06-03 | CVE-2019-10009 | Path Traversal vulnerability in Southrivertech Titan FTP Server 2019 A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. | 6.5 |
| 2019-06-03 | CVE-2019-12169 | Path Traversal vulnerability in Atutor 2.2.1/2.2.2/2.2.4 ATutor 2.2.4 allows Arbitrary File Upload and Directory Traversal, resulting in remote code execution via a ".." pathname in a ZIP archive to the mods/_core/languages/language_import.php (aka Import New Language) or mods/_standard/patcher/index_admin.php (aka Patcher) component. | 8.8 |
| 2019-06-03 | CVE-2019-6754 | Path Traversal vulnerability in Foxitsoftware Foxit Reader This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.3.10826. | 7.8 |
| 2019-06-03 | CVE-2019-12310 | Path Traversal vulnerability in Exagrid Backup Appliance Firmware 48.1.1044.P50 ExaGrid appliances with firmware version v4.8.1.1044.P50 have a /monitor/data/Upgrade/ directory traversal vulnerability, which allows remote attackers to view and retrieve verbose logging information. | 9.8 |
| 2019-06-03 | CVE-2019-12593 | Path Traversal vulnerability in Icewarp Mail Server IceWarp Mail Server through 10.4.4 is prone to a local file inclusion vulnerability via webmail/calendar/minimizer/index.php?style=..%5c directory traversal. | 7.5 |
| 2019-06-03 | CVE-2019-3397 | Path Traversal vulnerability in Atlassian Bitbucket Atlassian Bitbucket Data Center licensed instances starting with version 5.13.0 before 5.13.6 (the fixed version for 5.13.x), from 5.14.0 before 5.14.4 (fixed version for 5.14.x), from 5.15.0 before 5.15.3 (fixed version for 5.15.x), from 5.16.0 before 5.16.3 (fixed version for 5.16.x), from 6.0.0 before 6.0.3 (fixed version for 6.0.x), and from 6.1.0 before 6.1.2 (the fixed version for 6.1.x) allow remote attackers who have admin permissions to achieve remote code execution on a Bitbucket server instance via path traversal through the Data Center migration tool. | 9.1 |