Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-02 | CVE-2018-16961 | Path Traversal vulnerability in Buffalo Open Xdmod 7.5.0 An issue was discovered in Open XDMoD through 7.5.0. | 7.5 |
| 2019-05-02 | CVE-2018-16716 | Path Traversal vulnerability in NIH Ncbi Toolbox 2.0.7/2.2.26 A path traversal vulnerability exists in viewcgi.c in the 2.0.7 through 2.2.26 legacy versions of the NCBI ToolBox, which may result in reading of arbitrary files (i.e., significant information disclosure) or file deletion via the nph-viewgif.cgi query string. | 9.1 |
| 2019-04-30 | CVE-2019-0194 | Path Traversal vulnerability in Apache Camel Apache Camel's File is vulnerable to directory traversal. | 7.5 |
| 2019-04-30 | CVE-2019-11624 | Path Traversal vulnerability in Doorgets CMS 7.0 doorGets 7.0 has an arbitrary file deletion vulnerability in /doorgets/app/requests/user/configurationRequest.php. | 4.9 |
| 2019-04-30 | CVE-2019-11612 | Path Traversal vulnerability in Doorgets CMS 7.0 doorGets 7.0 has an arbitrary file deletion vulnerability in /fileman/php/deletefile.php. | 7.5 |
| 2019-04-30 | CVE-2019-5624 | Path Traversal vulnerability in Rapid7 Metasploit Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in the Zip import function of Metasploit. | 7.3 |
| 2019-04-26 | CVE-2019-11557 | Path Traversal vulnerability in Web-Dorado WP Form Builder The WebDorado Contact Form Builder plugin before 1.0.69 for WordPress allows CSRF via the wp-admin/admin-ajax.php action parameter, with resultant local file inclusion via directory traversal, because there can be a discrepancy between the $_POST['action'] value and the $_GET['action'] value, and the latter is unsanitized. | 8.8 |
| 2019-04-25 | CVE-2019-3720 | Path Traversal vulnerability in Dell EMC Openmanage Server Administrator Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3.0 contain a Directory Traversal Vulnerability. | 4.9 |
| 2019-04-25 | CVE-2019-11515 | Path Traversal vulnerability in Gilacms Gila CMS 1.10.1 core/classes/db_backup.php in Gila CMS 1.10.1 allows admin/db_backup?download= absolute path traversal to read arbitrary files. | 4.9 |
| 2019-04-24 | CVE-2019-7213 | Path Traversal vulnerability in Smartertools Smartermail SmarterTools SmarterMail 16.x before build 6985 allows directory traversal. | 6.5 |