Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-15 | CVE-2015-4617 | Path Traversal vulnerability in Easy2Map Easy2Map-Photos 1.09 Vulnerability in Easy2map-photos WordPress Plugin v1.09 MapPinImageUpload.php and MapPinIconSave.php allows path traversal when specifying file names creating files outside of the upload directory. | 7.5 |
| 2019-02-15 | CVE-2013-2565 | Path Traversal vulnerability in Mambo-Foundation Mambo CMS 4.6.5 A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, manager.php discloses the root path of the webserver. | 5.3 |
| 2019-02-13 | CVE-2019-5910 | Path Traversal vulnerability in Housegate House Gate 1.7.8 Directory traversal vulnerability in HOUSE GATE App for iOS 1.7.8 and earlier allows remote attackers to read arbitrary files via unspecified vectors. | 7.5 |
| 2019-02-10 | CVE-2018-20769 | Path Traversal vulnerability in Xerox products An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. | 7.5 |
| 2019-02-09 | CVE-2019-7678 | Path Traversal vulnerability in Enphase Envoy A directory traversal vulnerability was discovered in Enphase Envoy R3.*.* via images/, include/, include/js, or include/css on TCP port 8888. | 9.8 |
| 2019-02-05 | CVE-2018-20251 | Path Traversal vulnerability in Rarlab Winrar In WinRAR versions prior to and including 5.61, there is path traversal vulnerability when crafting the filename field of the ACE format. | 5.5 |
| 2019-02-05 | CVE-2018-20250 | Path Traversal vulnerability in Rarlab Winrar In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). | 7.8 |
| 2019-02-05 | CVE-2018-18990 | Path Traversal vulnerability in Lcds Laquis Scada 4.1/4.1.0.3391/4.1.0.3870 LCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied path in file operations prior to proper validation. | 5.3 |
| 2019-02-05 | CVE-2019-7403 | Path Traversal vulnerability in PHPmywind 5.5 An issue was discovered in PHPMyWind 5.5. | 4.9 |
| 2019-02-04 | CVE-2019-7387 | Path Traversal vulnerability in Systrome products A local file inclusion vulnerability exists in the web interface of Systrome Cumilon ISG-600C, ISG-600H, and ISG-800W 1.1-R2.1_TRUNK-20180914.bin devices. | 6.5 |