Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2018-09-30 CVE-2018-17785 Path Traversal vulnerability in Blynk Blynk-Server
In blynk-server in Blynk before 0.39.7, Directory Traversal exists via a ../ in a URI that has /static or /static/js at the beginning, as demonstrated by reading the /etc/passwd file.
network
low complexity
blynk CWE-22
7.5
2018-09-28 CVE-2018-9074 Path Traversal vulnerability in Lenovo Lenovoemc Firmware 4.1.402.34662
For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, the file upload functionality of the Content Explorer application is vulnerable to path traversal.
network
low complexity
lenovo CWE-22
6.5
2018-09-28 CVE-2018-17605 Path Traversal vulnerability in Asset Pipeline Project Asset-Pipeline
An issue was discovered in the Asset Pipeline plugin before 3.0.4 for Grails.
network
low complexity
asset-pipeline-project CWE-22
7.5
2018-09-28 CVE-2018-14957 Path Traversal vulnerability in Isweb 3.5.3
CMS ISWEB 3.5.3 is vulnerable to directory traversal and local file download, as demonstrated by moduli/downloadFile.php?file=oggetto_documenti/../.././inc/config.php (one can take control of the application because credentials are present in that config.php file).
network
low complexity
isweb CWE-22
critical
9.8
2018-09-27 CVE-2018-7102 Path Traversal vulnerability in HP Intelligent Management Center
A security vulnerability in HPE Intelligent Management Center (iMC) PLAT E0506P09, createFabricAutoCfgFile could be remotely exploited via directory traversal to allow remote arbitrary file modification.
network
low complexity
hp CWE-22
7.5
2018-09-26 CVE-2018-17365 Path Traversal vulnerability in Seacms 6.64/7.2
SeaCMS 6.64 and 7.2 allows remote attackers to delete arbitrary files via the filedir parameter.
network
low complexity
seacms CWE-22
7.5
2018-09-26 CVE-2018-16968 Path Traversal vulnerability in Citrix Sharefile Storagezones Controller
Citrix ShareFile StorageZones Controller before 5.4.2 allows Directory Traversal.
network
high complexity
citrix CWE-22
3.1
2018-09-24 CVE-2018-10501 Path Traversal vulnerability in Samsung Notes
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Notes. Fixed in version 2.0.02.31.
local
high complexity
samsung CWE-22
7.0
2018-09-24 CVE-2018-16299 Path Traversal vulnerability in Localize MY Post Project Localize MY Post 1.0
The Localize My Post plugin 1.0 for WordPress allows Directory Traversal via the ajax/include.php file parameter.
network
low complexity
localize-my-post-project CWE-22
7.5
2018-09-24 CVE-2018-16283 Path Traversal vulnerability in Wechat Brodcast Project Wechat Brodcast
The Wechat Broadcast plugin 1.2.0 and earlier for WordPress allows Directory Traversal via the Image.php url parameter.
network
low complexity
wechat-brodcast-project CWE-22
critical
9.8