Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-30 | CVE-2019-5624 | Path Traversal vulnerability in Rapid7 Metasploit Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in the Zip import function of Metasploit. | 7.3 |
| 2019-04-26 | CVE-2019-11557 | Path Traversal vulnerability in Web-Dorado WP Form Builder The WebDorado Contact Form Builder plugin before 1.0.69 for WordPress allows CSRF via the wp-admin/admin-ajax.php action parameter, with resultant local file inclusion via directory traversal, because there can be a discrepancy between the $_POST['action'] value and the $_GET['action'] value, and the latter is unsanitized. | 8.8 |
| 2019-04-25 | CVE-2019-3720 | Path Traversal vulnerability in Dell EMC Openmanage Server Administrator Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3.0 contain a Directory Traversal Vulnerability. | 4.9 |
| 2019-04-25 | CVE-2019-11515 | Path Traversal vulnerability in Gilacms Gila CMS 1.10.1 core/classes/db_backup.php in Gila CMS 1.10.1 allows admin/db_backup?download= absolute path traversal to read arbitrary files. | 4.9 |
| 2019-04-24 | CVE-2019-7213 | Path Traversal vulnerability in Smartertools Smartermail SmarterTools SmarterMail 16.x before build 6985 allows directory traversal. | 6.5 |
| 2019-04-20 | CVE-2019-11378 | Path Traversal vulnerability in Projectsend R1053 An issue was discovered in ProjectSend r1053. | 8.8 |
| 2019-04-18 | CVE-2019-9005 | Path Traversal vulnerability in Cprime Power Scripts The Cprime Power Scripts app before 4.0.14 for Atlassian Jira allows Directory Traversal. | 6.5 |
| 2019-04-18 | CVE-2019-3398 | Path Traversal vulnerability in Atlassian Confluence Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. | 8.8 |
| 2019-04-18 | CVE-2019-1835 | Path Traversal vulnerability in Cisco Aironet Access Point Firmware 8.8/8.9 A vulnerability in the CLI of Cisco Aironet Access Points (APs) could allow an authenticated, local attacker to access sensitive information stored in an AP. | 4.4 |
| 2019-04-15 | CVE-2019-4178 | Path Traversal vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11 could allow a remote attacker to traverse directories on the system. | 9.1 |