Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-03 | CVE-2019-10717 | Path Traversal vulnerability in Dotnetblogengine Blogengine.Net 3.3.7.0 BlogEngine.NET 3.3.7.0 allows /api/filemanager Directory Traversal via the path parameter. | 7.1 |
| 2019-07-02 | CVE-2019-7254 | Path Traversal vulnerability in Nortekcontrol products Linear eMerge E3-Series devices allow File Inclusion. | 7.5 |
| 2019-07-02 | CVE-2019-7253 | Path Traversal vulnerability in Nortekcontrol products Linear eMerge E3-Series devices allow Directory Traversal. | 9.8 |
| 2019-07-02 | CVE-2019-7267 | Path Traversal vulnerability in Nortekcontrol products Linear eMerge 50P/5000P devices allow Cookie Path Traversal. | 9.8 |
| 2019-06-30 | CVE-2019-11826 | Path Traversal vulnerability in Synology Moments Relative path traversal vulnerability in SYNO.PhotoTeam.Upload.Item in Synology Moments before 1.3.0-0691 allows remote authenticated users to upload arbitrary files via the name parameter. | 8.8 |
| 2019-06-30 | CVE-2019-11822 | Path Traversal vulnerability in Synology Photo Station Relative path traversal vulnerability in SYNO.PhotoStation.File in Synology Photo Station before 6.8.11-3489 and before 6.3-2977 allows remote attackers to upload arbitrary files via the uploadphoto parameter. | 6.5 |
| 2019-06-28 | CVE-2019-10985 | Path Traversal vulnerability in Advantech Webaccess In WebAccess/SCADA, Versions 8.3.5 and prior, a path traversal vulnerability is caused by a lack of proper validation of a user-supplied path prior to use in file operations. | 9.1 |
| 2019-06-28 | CVE-2018-14918 | Path Traversal vulnerability in Loytec Lgate-902 Firmware 6.3.2 LOYTEC LGATE-902 6.3.2 devices allow Directory Traversal. | 7.5 |
| 2019-06-27 | CVE-2019-3632 | Path Traversal vulnerability in Mcafee Enterprise Security Manager Directory Traversal vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to gain elevated privileges via specially crafted input. | 8.8 |
| 2019-06-27 | CVE-2019-7227 | Path Traversal vulnerability in ABB Pb610 Panel Builder 600 Firmware 1.91/2.8.0.367 In the ABB IDAL FTP server, an authenticated attacker can traverse to arbitrary directories on the hard disk with "CWD ../" and then use the FTP server functionality to download and upload files. | 7.3 |