Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-03 | CVE-2018-7764 | Path Traversal vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability exists within runscript.php applet in Schneider Electric U.motion Builder software versions prior to v1.3.4. | 4.3 |
| 2018-07-03 | CVE-2018-7763 | Path Traversal vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability exists within css.inc.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. | 4.3 |
| 2018-06-29 | CVE-2018-10860 | Path Traversal vulnerability in multiple products perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. | 7.5 |
| 2018-06-28 | CVE-2017-16859 | Path Traversal vulnerability in Atlassian Crucible The review attachment resource in Atlassian Fisheye and Crucible before version 4.3.2, from version 4.4.0 before 4.4.3 and before version 4.5.0 allows remote attackers to read files contained within context path of the running application through a path traversal vulnerability in the command parameter. | 6.5 |
| 2018-06-27 | CVE-2018-12909 | Path Traversal vulnerability in Webgrind Project Webgrind 1.5.0 Webgrind 1.5 relies on user input to display a file, which lets anyone view files from the local filesystem (that the webserver user has access to) via an index.php?op=fileviewer&file= URI. | 7.5 |
| 2018-06-26 | CVE-2018-12895 | Path Traversal vulnerability in multiple products WordPress through 4.9.6 allows Author users to execute arbitrary code by leveraging directory traversal in the wp-admin/post.php thumb parameter, which is passed to the PHP unlink function and can delete the wp-config.php file. | 8.8 |
| 2018-06-26 | CVE-2018-1000550 | Path Traversal vulnerability in multiple products The Sympa Community Sympa version prior to version 6.2.32 contains a Directory Traversal vulnerability in wwsympa.fcgi template editing function that can result in Possibility to create or modify files on the server filesystem. | 9.8 |
| 2018-06-26 | CVE-2018-1000532 | Path Traversal vulnerability in Beep Project Beep 1.3 beep version 1.3 and up contains a External Control of File Name or Path vulnerability in --device option that can result in Local unprivileged user can inhibit execution of arbitrary programs by other users, allowing DoS. | 4.7 |
| 2018-06-25 | CVE-2018-10956 | Path Traversal vulnerability in Ipconfigure Orchid Core VMS 2.0.5 IPConfigure Orchid Core VMS 2.0.5 allows Directory Traversal. | 7.5 |
| 2018-06-21 | CVE-2018-12631 | Path Traversal vulnerability in Redatam Redatam7 (formerly Redatam WebServer) allows remote attackers to read arbitrary files via /redbin/rpwebutilities.exe/text?LFN=../ directory traversal. | 7.5 |