Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-09 | CVE-2019-17109 | Path Traversal vulnerability in Koji Project Koji Koji through 1.18.0 allows remote Directory Traversal, with resultant Privilege Escalation. | 6.5 |
| 2019-10-09 | CVE-2019-0074 | Path Traversal vulnerability in Juniper Junos A path traversal vulnerability in NFX150 Series and QFX10K Series, EX9200 Series, MX Series and PTX Series devices with Next-Generation Routing Engine (NG-RE) allows a local authenticated user to read sensitive system files. | 5.5 |
| 2019-10-09 | CVE-2019-17399 | Path Traversal vulnerability in Joomlashack Shack Forms PRO The Shack Forms Pro extension before 4.0.32 for Joomla! allows path traversal via a file attachment. | 9.8 |
| 2019-10-08 | CVE-2019-17187 | Path Traversal vulnerability in Fiberhome Hg2201T Firmware 1.00.M5007Js201804 /var/WEB-GUI/cgi-bin/downloadfile.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication Directory Traversal for reading arbitrary files. | 7.5 |
| 2019-10-07 | CVE-2019-17314 | Path Traversal vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the Configurator module by an Admin user. | 7.2 |
| 2019-10-07 | CVE-2019-17313 | Path Traversal vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the Studio module by a Developer user. | 8.8 |
| 2019-10-07 | CVE-2019-17312 | Path Traversal vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the file function by a Regular user. | 8.8 |
| 2019-10-07 | CVE-2019-17311 | Path Traversal vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the attachment function by a Regular user. | 8.8 |
| 2019-10-05 | CVE-2019-17199 | Path Traversal vulnerability in Webpagetest 19.04 www/getfile.php in WPO WebPageTest 19.04 on Windows allows Directory Traversal (for reading arbitrary files) because of an unanchored regular expression, as demonstrated by the a.jpg\.. | 7.5 |
| 2019-10-04 | CVE-2019-17180 | Path Traversal vulnerability in Valvesoftware Steam Client Valve Steam Client before 2019-09-12 allows placing or appending partially controlled filesystem content, as demonstrated by file modifications on Windows in the context of NT AUTHORITY\SYSTEM. | 7.8 |