Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-26 | CVE-2019-9195 | Path Traversal vulnerability in Grin util/src/zip.rs in Grin before 1.0.2 mishandles suspicious files. | 9.8 |
| 2019-02-25 | CVE-2018-20795 | Path Traversal vulnerability in Tecrail Responsive Filemanager 9.13.4 tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary files via path traversal with the path parameter, through the copy_cut action in ajax_calls.php and the paste_clipboard action in execute.php. | 7.5 |
| 2019-02-25 | CVE-2018-20794 | Path Traversal vulnerability in Tecrail Responsive Filemanager 9.13.4 tecrail Responsive FileManager 9.13.4 allows remote attackers to write to an arbitrary image file (jpg/jpeg/png) via path traversal with the path parameter, through the save_img action in ajax_calls.php. | 7.5 |
| 2019-02-25 | CVE-2018-20793 | Path Traversal vulnerability in Tecrail Responsive Filemanager 9.13.4 tecrail Responsive FileManager 9.13.4 allows remote attackers to write to an arbitrary file as a consequence of a paths[0] path traversal mitigation bypass, through the create_file action in execute.php. | 7.5 |
| 2019-02-25 | CVE-2018-20792 | Path Traversal vulnerability in Tecrail Responsive Filemanager 9.13.4 tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary file via path traversal with the path parameter, through the get_file action in ajax_calls.php. | 7.5 |
| 2019-02-25 | CVE-2018-20790 | Path Traversal vulnerability in Tecrail Responsive Filemanager 9.13.4 tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary file as a consequence of a paths[0] path traversal mitigation bypass through the delete_file action in execute.php. | 7.5 |
| 2019-02-25 | CVE-2018-20789 | Path Traversal vulnerability in Tecrail Responsive Filemanager 9.13.4 tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary directory as a consequence of a paths[0] path traversal mitigation bypass through the delete_folder action in execute.php. | 7.5 |
| 2019-02-23 | CVE-2019-9064 | Path Traversal vulnerability in CAB Booking Script Project CAB Booking Script 1.0.3 PHP Scripts Mall Cab Booking Script 1.0.3 allows Directory Traversal into the parent directory of a jpg or png file. | 5.3 |
| 2019-02-22 | CVE-2019-9015 | Path Traversal vulnerability in Mopcms 20181130 A Path Traversal vulnerability was discovered in MOPCMS through 2018-11-30, leading to deletion of unexpected critical files. | 9.1 |
| 2019-02-21 | CVE-2019-1681 | Path Traversal vulnerability in Cisco IOS XR A vulnerability in the TFTP service of Cisco Network Convergence System 1000 Series software could allow an unauthenticated, remote attacker to retrieve arbitrary files from the targeted device, possibly resulting in information disclosure. | 7.5 |