Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-27 | CVE-2018-7102 | Path Traversal vulnerability in HP Intelligent Management Center A security vulnerability in HPE Intelligent Management Center (iMC) PLAT E0506P09, createFabricAutoCfgFile could be remotely exploited via directory traversal to allow remote arbitrary file modification. | 7.5 |
| 2018-09-26 | CVE-2018-17365 | Path Traversal vulnerability in Seacms 6.64/7.2 SeaCMS 6.64 and 7.2 allows remote attackers to delete arbitrary files via the filedir parameter. | 7.5 |
| 2018-09-26 | CVE-2018-16968 | Path Traversal vulnerability in Citrix Sharefile Storagezones Controller Citrix ShareFile StorageZones Controller before 5.4.2 allows Directory Traversal. | 3.1 |
| 2018-09-24 | CVE-2018-10501 | Path Traversal vulnerability in Samsung Notes This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Notes Fixed in version 2.0.02.31. | 7.0 |
| 2018-09-24 | CVE-2018-16299 | Path Traversal vulnerability in Localize MY Post Project Localize MY Post 1.0 The Localize My Post plugin 1.0 for WordPress allows Directory Traversal via the ajax/include.php file parameter. | 7.5 |
| 2018-09-24 | CVE-2018-16283 | Path Traversal vulnerability in Wechat Brodcast Project Wechat Brodcast The Wechat Broadcast plugin 1.2.0 and earlier for WordPress allows Directory Traversal via the Image.php url parameter. | 9.8 |
| 2018-09-21 | CVE-2018-17297 | Path Traversal vulnerability in Hutool The unzip function in ZipUtil.java in Hutool before 4.1.12 allows remote attackers to overwrite arbitrary files via directory traversal sequences in a filename within a ZIP archive. | 7.5 |
| 2018-09-20 | CVE-2018-6500 | Path Traversal vulnerability in HP Arcsight Management Center 2.0/2.9.1 A potential Directory Traversal Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. | 7.5 |
| 2018-09-19 | CVE-2018-8889 | Path Traversal vulnerability in Blackberry Enterprise Mobility Server 2.6/2.8/2.8.17.29 A directory traversal vulnerability in the Connect Service of the BlackBerry Enterprise Mobility Server (BEMS) 2.8.17.29 and earlier could allow an attacker to retrieve arbitrary files in the context of a BEMS administrator account. | 4.7 |
| 2018-09-19 | CVE-2018-11762 | Path Traversal vulnerability in Apache Tika In Apache Tika 0.9 to 1.18, in a rare edge case where a user does not specify an extract directory on the commandline (--extract-dir=) and the input file has an embedded file with an absolute path, such as "C:/evil.bat", tika-app would overwrite that file. | 5.9 |