Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-07-05 | CVE-2018-12976 | Path Traversal vulnerability in Godoc GO DOC DOT ORG 20180627 In Go Doc Dot Org (gddo) through 2018-06-27, an attacker could use specially crafted <go-import> tags in packages being fetched by gddo to cause a directory traversal and remote code execution. | 9.8 |
2018-07-05 | CVE-2018-3766 | Path Traversal vulnerability in Buttle Project Buttle Path traversal in buttle module versions <= 0.2.0 allows to read any file in the server. | 7.5 |
2018-07-03 | CVE-2018-11051 | Path Traversal vulnerability in EMC RSA Certificate Manager 6.9 RSA Certificate Manager Versions 6.9 build 560 through 6.9 build 564 contain a path traversal vulnerability in the RSA CMP Enroll Server and the RSA REST Enroll Server. | 7.5 |
2018-07-03 | CVE-2018-7771 | Path Traversal vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability exists within processing of editscript.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. | 8.0 |
2018-07-03 | CVE-2018-7770 | Path Traversal vulnerability in Schneider-Electric U.Motion The vulnerability exists within processing of sendmail.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. | 6.5 |
2018-07-03 | CVE-2018-7764 | Path Traversal vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability exists within runscript.php applet in Schneider Electric U.motion Builder software versions prior to v1.3.4. | 4.3 |
2018-07-03 | CVE-2018-7763 | Path Traversal vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability exists within css.inc.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. | 4.3 |
2018-06-29 | CVE-2018-10860 | Path Traversal vulnerability in multiple products perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. | 7.5 |
2018-06-28 | CVE-2017-16859 | Path Traversal vulnerability in Atlassian Crucible The review attachment resource in Atlassian Fisheye and Crucible before version 4.3.2, from version 4.4.0 before 4.4.3 and before version 4.5.0 allows remote attackers to read files contained within context path of the running application through a path traversal vulnerability in the command parameter. | 6.5 |
2018-06-27 | CVE-2018-12909 | Path Traversal vulnerability in Webgrind Project Webgrind 1.5.0 Webgrind 1.5 relies on user input to display a file, which lets anyone view files from the local filesystem (that the webserver user has access to) via an index.php?op=fileviewer&file= URI. | 7.5 |