Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2018-06-05 CVE-2018-8008 Path Traversal vulnerability in Apache Storm
Apache Storm version 1.0.6 and earlier, 1.2.1 and earlier, and version 1.1.2 and earlier expose an arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive (affects other archives as well, bzip2, tar, xz, war, cpio, 7z), that holds path traversal filenames.
local
low complexity
apache CWE-22
5.5
2018-06-04 CVE-2017-16039 Path Traversal vulnerability in Hftp Project Hftp
`hftp` is a static http or ftp server `hftp` is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
network
low complexity
hftp-project CWE-22
7.5
2018-06-04 CVE-2017-16038 Path Traversal vulnerability in F2E-Server Project F2E-Server
`f2e-server` 1.12.11 and earlier is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
network
low complexity
f2e-server-project CWE-22
7.5
2018-06-04 CVE-2017-16037 Path Traversal vulnerability in Gomeplus-H5-Proxy Project Gomeplus-H5-Proxy
`gomeplus-h5-proxy` is vulnerable to a directory traversal issue, allowing attackers to access any file in the system by placing '../' in the URL.
network
low complexity
gomeplus-h5-proxy-project CWE-22
7.5
2018-06-04 CVE-2017-16036 Path Traversal vulnerability in Badjs-Sourcemap-Server Project Badjs-Sourcemap-Server
`badjs-sourcemap-server` receives files sent by `badjs-sourcemap`.
network
low complexity
badjs-sourcemap-server-project CWE-22
7.5
2018-06-04 CVE-2017-16029 Path Traversal vulnerability in Hostr Project Hostr
hostr is a simple web server that serves up the contents of the current directory.
network
low complexity
hostr-project CWE-22
7.5
2018-06-04 CVE-2017-0930 Path Traversal vulnerability in Augustine Project Augustine 0.2.3
augustine node module suffers from a Path Traversal vulnerability due to lack of validation of url, which allows a malicious user to read content of any file with known path.
network
low complexity
augustine-project CWE-22
6.5
2018-06-04 CVE-2018-10615 Path Traversal vulnerability in GE MDS Pulsenet
Directory traversal may lead to files being exfiltrated or deleted on the GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior host platform.
network
low complexity
ge CWE-22
8.1
2018-05-31 CVE-2016-10561 Path Traversal vulnerability in Bitty Project Bitty 0.2.10
Bitty is a development web server tool that functions similar to `python -m SimpleHTTPServer`.
network
low complexity
bitty-project CWE-22
5.3
2018-05-31 CVE-2016-10528 Path Traversal vulnerability in Restafary Project Restafary
restafary is a REpresentful State Transfer API for Creating, Reading, Using, Deleting files on a server from the web.
network
low complexity
restafary-project CWE-22
4.9