Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-21 | CVE-2018-2006 | Path Traversal vulnerability in IBM Robotic Process Automation With Automation Anywhere 11.0.0.0/11.0.0.1/11.0.0.2 IBM Robotic Process Automation with Automation Anywhere 11 could allow a remote attacker to traverse directories on the system. | 4.9 |
| 2019-02-20 | CVE-2019-3474 | Path Traversal vulnerability in Microfocus Filr 3.0 A path traversal vulnerability in the web application component of Micro Focus Filr 3.x allows a remote attacker authenticated as a low privilege user to download arbitrary files from the Filr server. | 6.5 |
| 2019-02-20 | CVE-2019-8943 | Path Traversal vulnerability in Wordpress WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). | 6.5 |
| 2019-02-18 | CVE-2019-8903 | Path Traversal vulnerability in Totaljs Total.Js index.js in Total.js Platform before 3.2.3 allows path traversal. | 7.5 |
| 2019-02-17 | CVE-2019-8412 | Path Traversal vulnerability in Feifeicms 4.0.181010 FeiFeiCms 4.0.181010 on Windows allows remote attackers to read or delete arbitrary files via index.php?s=Admin-Data-Down-id-..\ or index.php?s=Admin-Data-Del-id-..\ directory traversal. | 8.8 |
| 2019-02-17 | CVE-2019-8411 | Path Traversal vulnerability in Zzcms 2018 admin/dl_data.php in zzcms 2018 (2018-10-19) allows remote attackers to delete arbitrary files via action=del&filename=../ directory traversal. | 7.5 |
| 2019-02-17 | CVE-2019-8407 | Path Traversal vulnerability in Hongcms Project Hongcms 3.0.0 HongCMS 3.0.0 allows arbitrary file read and write operations via a ../ in the filename parameter to the admin/index.php/language/edit URI. | 6.5 |
| 2019-02-17 | CVE-2019-8389 | Path Traversal vulnerability in Musicloud Project Musicloud 1.6 A file-read vulnerability was identified in the Wi-Fi transfer feature of Musicloud 1.6. | 8.1 |
| 2019-02-16 | CVE-2019-8358 | Path Traversal vulnerability in Hiawatha-Webserver Hiawatha In Hiawatha before 10.8.4, a remote attacker is able to do directory traversal if AllowDotFiles is enabled. | 8.1 |
| 2019-02-15 | CVE-2015-4617 | Path Traversal vulnerability in Easy2Map Easy2Map-Photos 1.09 Vulnerability in Easy2map-photos WordPress Plugin v1.09 MapPinImageUpload.php and MapPinIconSave.php allows path traversal when specifying file names creating files outside of the upload directory. | 7.5 |