Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-23 | CVE-2018-6022 | Path Traversal vulnerability in 5None Nonecms 1.1.0/1.2.0/1.3.0 Directory traversal vulnerability in application/admin/controller/Main.php in NoneCms through 1.3.0 allows remote authenticated users to delete arbitrary files by leveraging back-office access to provide a ..\ in the param.path parameter. | 6.5 |
| 2018-01-18 | CVE-2017-10273 | Path Traversal vulnerability in Oracle Jdeveloper Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: Deployment). | 4.7 |
| 2018-01-16 | CVE-2014-9485 | Path Traversal vulnerability in Minizip Project Minizip Directory traversal vulnerability in the do_extract_currentfile function in miniunz.c in miniunzip in minizip before 1.1-5 might allow remote attackers to write to arbitrary files via a crafted entry in a ZIP archive. | 5.5 |
| 2018-01-14 | CVE-2018-5700 | Path Traversal vulnerability in Magicwinmail Winmail Server Winmail Server through 6.2 allows remote code execution by authenticated users who leverage directory traversal in a netdisk.php copy_folder_file call (in inc/class.ftpfolder.php) to move a .php file from the FTP folder into a web folder. | 8.8 |
| 2018-01-12 | CVE-2015-9250 | Path Traversal vulnerability in Skyboxsecurity Skybox Platform An issue was discovered in Skybox Platform before 7.5.201. | 7.5 |
| 2018-01-11 | CVE-2014-5068 | Path Traversal vulnerability in Microsemi S350I Firmware 2.70.15 Directory traversal vulnerability in the web application in Symmetricom s350i 2.70.15 allows remote attackers to read arbitrary files via a (1) ../ (dot dot slash) or (2) ..\ (dot dot forward slash) before a file name. | 7.5 |
| 2018-01-10 | CVE-2017-17662 | Path Traversal vulnerability in Yawcam Directory traversal in the HTTP server on Yawcam 0.2.6 through 0.6.0 devices allows attackers to read arbitrary files through a sequence of the form '.x./' or '....\x/' where x is a pattern composed of one or more (zero or more for the second pattern) of either \ or ..\ -- for example a '.\./', '....\/' or '...\./' sequence. | 7.5 |
| 2018-01-09 | CVE-2017-1671 | Path Traversal vulnerability in IBM Security KEY Lifecycle Manager IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 could allow a remote attacker to traverse directories on the system. | 7.5 |
| 2018-01-09 | CVE-2018-5310 | Path Traversal vulnerability in Media From FTP Project Media From FTP In the "Media from FTP" plugin before 9.85 for WordPress, Directory Traversal exists via the searchdir parameter to the wp-admin/admin.php?page=mediafromftp-search-register URI. | 6.5 |
| 2018-01-08 | CVE-2018-5283 | Path Traversal vulnerability in Photos in Wifi Project Photos in Wifi 1.0.1 The Photos in Wifi application 1.0.1 for iOS has directory traversal via the ext parameter to assets-library://asset/asset.php. | 7.5 |