Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-09 | CVE-2019-12464 | Path Traversal vulnerability in Librenms 1.50.1 An issue was discovered in LibreNMS 1.50.1. | 7.5 |
| 2019-09-09 | CVE-2019-16132 | Path Traversal vulnerability in PHPok Oklite 1.2.25 An issue was discovered in OKLite v1.2.25. | 6.5 |
| 2019-09-09 | CVE-2019-16123 | Path Traversal vulnerability in Kartatopia Piluscart 1.4.0/1.4.1 In Kartatopia PilusCart 1.4.1, the parameter filename in the file catalog.php is mishandled, leading to ../ Local File Disclosure. | 7.5 |
| 2019-09-08 | CVE-2019-16113 | Path Traversal vulnerability in Bludit 3.9.2 Bludit 3.9.2 allows remote code execution via bl-kernel/ajax/upload-images.php because PHP code can be entered with a .jpg file name, and then this PHP code can write other PHP code to a ../ pathname. | 8.8 |
| 2019-09-08 | CVE-2019-16105 | Path Traversal vulnerability in Silver-Peak Unity Edgeconnect Sd-Wan Firmware 8.1.4.965644 Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows ..%2f directory traversal via a rest/json/configdb/download/ URI. | 4.9 |
| 2019-09-06 | CVE-2019-9854 | Path Traversal vulnerability in multiple products LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. | 7.8 |
| 2019-09-05 | CVE-2019-15952 | Path Traversal vulnerability in Totaljs Total.Js CMS 12.0.0 An issue was discovered in Total.js CMS 12.0.0. | 8.8 |
| 2019-09-03 | CVE-2019-5480 | Path Traversal vulnerability in Statichttpserver Project Statichttpserver A path traversal vulnerability in <= v0.9.7 of statichttpserver npm module allows attackers to list files in arbitrary folders. | 5.3 |
| 2019-09-03 | CVE-2019-10197 | Path Traversal vulnerability in multiple products A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. | 9.1 |
| 2019-08-30 | CVE-2019-15630 | Path Traversal vulnerability in Mulesoft API Gateway and Mule Runtime Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider components in MuleSoft Mule Runtime 3.2.0 and higher released before August 1 2019, MuleSoft Mule Runtime 4.1.0 and higher released before August 1 2019, and all versions of MuleSoft API Gateway released before August 1 2019 allow remote attackers to read files accessible to the Mule process. | 7.5 |