Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-05 | CVE-2018-8008 | Path Traversal vulnerability in Apache Storm Apache Storm version 1.0.6 and earlier, 1.2.1 and earlier, and version 1.1.2 and earlier expose an arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive (affects other archives as well, bzip2, tar, xz, war, cpio, 7z), that holds path traversal filenames. | 5.5 |
2018-06-04 | CVE-2017-16039 | Path Traversal vulnerability in Hftp Project Hftp `hftp` is a static http or ftp server `hftp` is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 7.5 |
2018-06-04 | CVE-2017-16038 | Path Traversal vulnerability in F2E-Server Project F2E-Server `f2e-server` 1.12.11 and earlier is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 7.5 |
2018-06-04 | CVE-2017-16037 | Path Traversal vulnerability in Gomeplus-H5-Proxy Project Gomeplus-H5-Proxy `gomeplus-h5-proxy` is vulnerable to a directory traversal issue, allowing attackers to access any file in the system by placing '../' in the URL. | 7.5 |
2018-06-04 | CVE-2017-16036 | Path Traversal vulnerability in Badjs-Sourcemap-Server Project Badjs-Sourcemap-Server `badjs-sourcemap-server` receives files sent by `badjs-sourcemap`. | 7.5 |
2018-06-04 | CVE-2017-16029 | Path Traversal vulnerability in Hostr Project Hostr hostr is a simple web server that serves up the contents of the current directory. | 7.5 |
2018-06-04 | CVE-2017-0930 | Path Traversal vulnerability in Augustine Project Augustine 0.2.3 augustine node module suffers from a Path Traversal vulnerability due to lack of validation of url, which allows a malicious user to read content of any file with known path. | 6.5 |
2018-06-04 | CVE-2018-10615 | Path Traversal vulnerability in GE MDS Pulsenet Directory traversal may lead to files being exfiltrated or deleted on the GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior host platform. | 8.1 |
2018-05-31 | CVE-2016-10561 | Path Traversal vulnerability in Bitty Project Bitty 0.2.10 Bitty is a development web server tool that functions similar to `python -m SimpleHTTPServer`. | 5.3 |
2018-05-31 | CVE-2016-10528 | Path Traversal vulnerability in Restafary Project Restafary restafary is a REpresentful State Transfer API for Creating, Reading, Using, Deleting files on a server from the web. | 4.9 |