Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-06 | CVE-2019-9607 | Path Traversal vulnerability in Medical Store Script Project Medical Store Script 3.0.3 PHP Scripts Mall Medical Store Script 3.0.3 allows Path Traversal by navigating to the parent directory of a jpg or png file. | 5.3 |
| 2019-02-26 | CVE-2019-9195 | Path Traversal vulnerability in Grin util/src/zip.rs in Grin before 1.0.2 mishandles suspicious files. | 9.8 |
| 2019-02-25 | CVE-2018-20795 | Path Traversal vulnerability in Tecrail Responsive Filemanager 9.13.4 tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary files via path traversal with the path parameter, through the copy_cut action in ajax_calls.php and the paste_clipboard action in execute.php. | 7.5 |
| 2019-02-25 | CVE-2018-20794 | Path Traversal vulnerability in Tecrail Responsive Filemanager 9.13.4 tecrail Responsive FileManager 9.13.4 allows remote attackers to write to an arbitrary image file (jpg/jpeg/png) via path traversal with the path parameter, through the save_img action in ajax_calls.php. | 7.5 |
| 2019-02-25 | CVE-2018-20793 | Path Traversal vulnerability in Tecrail Responsive Filemanager 9.13.4 tecrail Responsive FileManager 9.13.4 allows remote attackers to write to an arbitrary file as a consequence of a paths[0] path traversal mitigation bypass, through the create_file action in execute.php. | 7.5 |
| 2019-02-25 | CVE-2018-20792 | Path Traversal vulnerability in Tecrail Responsive Filemanager 9.13.4 tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary file via path traversal with the path parameter, through the get_file action in ajax_calls.php. | 7.5 |
| 2019-02-25 | CVE-2018-20790 | Path Traversal vulnerability in Tecrail Responsive Filemanager 9.13.4 tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary file as a consequence of a paths[0] path traversal mitigation bypass through the delete_file action in execute.php. | 7.5 |
| 2019-02-25 | CVE-2018-20789 | Path Traversal vulnerability in Tecrail Responsive Filemanager 9.13.4 tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary directory as a consequence of a paths[0] path traversal mitigation bypass through the delete_folder action in execute.php. | 7.5 |
| 2019-02-23 | CVE-2019-9064 | Path Traversal vulnerability in CAB Booking Script Project CAB Booking Script 1.0.3 PHP Scripts Mall Cab Booking Script 1.0.3 allows Directory Traversal into the parent directory of a jpg or png file. | 5.3 |
| 2019-02-22 | CVE-2019-9015 | Path Traversal vulnerability in Mopcms 20181130 A Path Traversal vulnerability was discovered in MOPCMS through 2018-11-30, leading to deletion of unexpected critical files. | 9.1 |