Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2018-12-19 CVE-2018-20227 Path Traversal vulnerability in Eclipse Rdf4J
RDF4J 2.4.2 allows Directory Traversal via ../ in an entry in a ZIP archive.
network
low complexity
eclipse CWE-22
7.5
2018-12-17 CVE-2018-20092 Path Traversal vulnerability in PTC Thingworx Platform
PTC ThingWorx Platform through 8.3.0 is vulnerable to a directory traversal attack on ZIP files via a POST request.
network
low complexity
ptc CWE-22
7.5
2018-12-17 CVE-2017-18354 Path Traversal vulnerability in Google Rendertron 1.0.0
Rendertron 1.0.0 allows for alternative protocols such as 'file://' introducing a Local File Inclusion (LFI) bug where arbitrary files can be read by a remote attacker.
network
low complexity
google CWE-22
7.5
2018-12-14 CVE-2018-19003 Path Traversal vulnerability in GE products
GE Mark VIe, EX2100e, EX2100e_Reg, and LS2100e Versions 03.03.28C to 05.02.04C, EX2100e All versions prior to v04.09.00C, EX2100e_Reg All versions prior to v04.09.00C, and LS2100e All versions prior to v04.09.00C. The affected versions of the application have a path traversal vulnerability that fails to restrict the ability of an attacker to gain access to restricted information.
network
low complexity
ge CWE-22
7.5
2018-12-13 CVE-2018-13812 Path Traversal vulnerability in Siemens products
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions < V15 Update 4), SIMATIC WinCC Runtime Professional (All versions < V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions < V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions).
network
low complexity
siemens CWE-22
7.5
2018-12-13 CVE-2018-20128 Path Traversal vulnerability in Usualtool Usualtoolcms 8.0
An issue was discovered in UsualToolCMS v8.0.
network
low complexity
usualtool CWE-22
7.5
2018-12-12 CVE-2018-20094 Path Traversal vulnerability in Xuxueli Xxl-Conf 1.6.0
An issue was discovered in XXL-CONF 1.6.0.
network
low complexity
xuxueli CWE-22
7.5
2018-12-11 CVE-2018-20064 Path Traversal vulnerability in Doorgets 7.0
doorGets 7.0 allows remote attackers to write to arbitrary files via directory traversal, as demonstrated by a dg-user/?controller=theme&action=edit&name=doorgets&file=../../1.txt%00 URI with content in the theme_content_nofi parameter.
network
low complexity
doorgets CWE-22
7.5
2018-12-11 CVE-2018-20058 Path Traversal vulnerability in Evernote
In Evernote before 7.6 on macOS, there is a local file path traversal issue in attachment previewing, aka MACOSNOTE-28634.
network
low complexity
evernote CWE-22
7.5
2018-12-10 CVE-2018-1000863 Path Traversal vulnerability in multiple products
A data modification vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in User.java, IdStrategy.java that allows attackers to submit crafted user names that can cause an improper migration of user record storage formats, potentially preventing the victim from logging into Jenkins.
network
low complexity
jenkins redhat CWE-22
8.2