Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-22 | CVE-2016-10924 | Path Traversal vulnerability in Zedna Ebook Download Project Zedna Ebook Download 1.0/1.1 The ebook-download plugin before 1.2 for WordPress has directory traversal. | 7.5 |
| 2019-08-21 | CVE-2019-11603 | Path Traversal vulnerability in Bosch IOT Gateway Software and Prosyst MBS SDK A HTTP Traversal Attack in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.0.2 allows remote attackers to read files outside the http root. | 7.5 |
| 2019-08-21 | CVE-2019-11601 | Path Traversal vulnerability in Bosch IOT Gateway Software and Prosyst MBS SDK A directory traversal vulnerability in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to write or delete files at any location. | 7.5 |
| 2019-08-20 | CVE-2019-4460 | Path Traversal vulnerability in IBM API Connect IBM API Connect 5.0.0.0 through 5.0.8.6 developer portal could allow a remote attacker to traverse directories on the system. | 7.5 |
| 2019-08-20 | CVE-2019-3967 | Path Traversal vulnerability in Open-Emr Openemr In OpenEMR 5.0.1 and earlier, the patient file download interface contains a directory traversal flaw that allows authenticated attackers to download arbitrary files from the host system. | 6.5 |
| 2019-08-15 | CVE-2019-9852 | Path Traversal vulnerability in multiple products LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. | 7.8 |
| 2019-08-15 | CVE-2019-12791 | Path Traversal vulnerability in Vestacp Control Panel 0.9.824 A directory traversal vulnerability in the v-list-user script in Vesta Control Panel 0.9.8-24 allows remote attackers to escalate from regular registered users to root via the password reset form. | 8.8 |
| 2019-08-15 | CVE-2018-14672 | Path Traversal vulnerability in Yandex Clickhouse In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages. | 5.3 |
| 2019-08-15 | CVE-2019-14788 | Path Traversal vulnerability in Tribulant Newsletters wp-admin/admin-ajax.php?action=newsletters_exportmultiple in the Tribulant Newsletters plugin before 4.6.19 for WordPress allows directory traversal with resultant remote PHP code execution via the subscribers[1][1] parameter in conjunction with an exportfile=../ value. | 8.8 |
| 2019-08-13 | CVE-2019-12479 | Path Traversal vulnerability in Twentytwenty.Storage Project Twentytwenty.Storage 2.11.0 An issue was discovered in 20|20 Storage 2.11.0. | 9.1 |