Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-21 | CVE-2019-1681 | Path Traversal vulnerability in Cisco IOS XR A vulnerability in the TFTP service of Cisco Network Convergence System 1000 Series software could allow an unauthenticated, remote attacker to retrieve arbitrary files from the targeted device, possibly resulting in information disclosure. | 7.5 |
| 2019-02-21 | CVE-2018-2006 | Path Traversal vulnerability in IBM Robotic Process Automation With Automation Anywhere 11.0.0.0/11.0.0.1/11.0.0.2 IBM Robotic Process Automation with Automation Anywhere 11 could allow a remote attacker to traverse directories on the system. | 4.9 |
| 2019-02-20 | CVE-2019-3474 | Path Traversal vulnerability in Microfocus Filr 3.0 A path traversal vulnerability in the web application component of Micro Focus Filr 3.x allows a remote attacker authenticated as a low privilege user to download arbitrary files from the Filr server. | 6.5 |
| 2019-02-20 | CVE-2019-8943 | Path Traversal vulnerability in Wordpress WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). | 6.5 |
| 2019-02-18 | CVE-2019-8903 | Path Traversal vulnerability in Totaljs Total.Js index.js in Total.js Platform before 3.2.3 allows path traversal. | 7.5 |
| 2019-02-17 | CVE-2019-8412 | Path Traversal vulnerability in Feifeicms 4.0.181010 FeiFeiCms 4.0.181010 on Windows allows remote attackers to read or delete arbitrary files via index.php?s=Admin-Data-Down-id-..\ or index.php?s=Admin-Data-Del-id-..\ directory traversal. | 8.8 |
| 2019-02-17 | CVE-2019-8411 | Path Traversal vulnerability in Zzcms 2018 admin/dl_data.php in zzcms 2018 (2018-10-19) allows remote attackers to delete arbitrary files via action=del&filename=../ directory traversal. | 7.5 |
| 2019-02-17 | CVE-2019-8407 | Path Traversal vulnerability in Hongcms Project Hongcms 3.0.0 HongCMS 3.0.0 allows arbitrary file read and write operations via a ../ in the filename parameter to the admin/index.php/language/edit URI. | 6.5 |
| 2019-02-17 | CVE-2019-8389 | Path Traversal vulnerability in Musicloud Project Musicloud 1.6 A file-read vulnerability was identified in the Wi-Fi transfer feature of Musicloud 1.6. | 8.1 |
| 2019-02-16 | CVE-2019-8358 | Path Traversal vulnerability in Hiawatha-Webserver Hiawatha In Hiawatha before 10.8.4, a remote attacker is able to do directory traversal if AllowDotFiles is enabled. | 8.1 |