Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-17 | CVE-2019-4268 | Path Traversal vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. | 5.3 |
| 2019-09-17 | CVE-2016-10977 | Path Traversal vulnerability in Neliosoftware Nelio AB Testing The nelio-ab-testing plugin before 4.5.0 for WordPress has filename=..%2f directory traversal. | 6.5 |
| 2019-09-16 | CVE-2019-0207 | Path Traversal vulnerability in Apache Tapestry 5.4.0 Tapestry processes assets `/assets/ctx` using classes chain `StaticFilesFilter -> AssetDispatcher -> ContextResource`, which doesn't filter the character `\`, so attacker can perform a path traversal attack to read any files on Windows platform. | 7.5 |
| 2019-09-16 | CVE-2016-10966 | Path Traversal vulnerability in Creativeinteractivemedia Real3D Flipbook 1.0 The real3d-flipbook-lite plugin 1.0 for WordPress has bookName=../ directory traversal for file upload. | 7.5 |
| 2019-09-16 | CVE-2016-10965 | Path Traversal vulnerability in Creativeinteractivemedia Real3D Flipbook 1.0 The real3d-flipbook-lite plugin 1.0 for WordPress has deleteBook=../ directory traversal for file deletion. | 7.5 |
| 2019-09-13 | CVE-2019-5484 | Path Traversal vulnerability in Bower Bower before 1.8.8 has a path traversal vulnerability permitting file write in arbitrary locations via install command, which allows attackers to write arbitrary files when a malicious package is extracted. | 7.5 |
| 2019-09-13 | CVE-2019-13532 | Path Traversal vulnerability in Codesys products CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the controller. | 7.5 |
| 2019-09-12 | CVE-2019-5956 | Path Traversal vulnerability in Wondercms Directory traversal vulnerability in WonderCMS 2.6.0 and earlier allows remote attackers to delete arbitrary files via unspecified vectors. | 6.5 |
| 2019-09-11 | CVE-2019-1142 | Path Traversal vulnerability in Microsoft .Net Framework An elevation of privilege vulnerability exists when the .NET Framework common language runtime (CLR) allows file creation in arbitrary locations, aka '.NET Framework Elevation of Privilege Vulnerability'. | 5.5 |
| 2019-09-09 | CVE-2019-6783 | Path Traversal vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. | 8.8 |