Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-02 | CVE-2017-9965 | Path Traversal vulnerability in Schneider-Electric Pelco Videoxpert An exposure of sensitive information vulnerability exists in Schneider Electric's Pelco VideoXpert Enterprise versions 2.0 and prior. | 5.8 |
| 2018-01-02 | CVE-2017-9964 | Path Traversal vulnerability in Schneider-Electric Pelco Videoxpert A Path Traversal issue was discovered in Schneider Electric Pelco VideoXpert Enterprise all versions prior to 2.1. | 6.9 |
| 2017-12-30 | CVE-2017-17992 | Path Traversal vulnerability in Iwcnetwork Biometric Shift Employee Management System 4.0 Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action. | 9.8 |
| 2017-12-27 | CVE-2015-7669 | Path Traversal vulnerability in Easy2Map Multiple directory traversal vulnerabilities in (1) includes/MapImportCSV2.php and (2) includes/MapImportCSV.php in the Easy2Map plugin before 1.3.0 for WordPress allow remote attackers to include and execute arbitrary files via the csvfile parameter related to "upload file functionality." | 9.8 |
| 2017-12-27 | CVE-2017-17927 | Path Traversal vulnerability in Ordermanagementscript Professional Service Script PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via a crafted PATH_INFO to service-list/category/. | 5.3 |
| 2017-12-27 | CVE-2017-17924 | Path Traversal vulnerability in Ordermanagementscript Professional Service Script PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via the id parameter to admin/review_userwise.php. | 5.3 |
| 2017-12-22 | CVE-2017-15309 | Path Traversal vulnerability in Huawei Ireader Huawei iReader app before 8.0.2.301 has a path traversal vulnerability due to insufficient validation on file storage paths. | 7.1 |
| 2017-12-22 | CVE-2017-10907 | Path Traversal vulnerability in Spiqe Onethird CMS Show OFF 1.85 Directory traversal vulnerability in OneThird CMS Show Off v1.85 and earlier. | 4.3 |
| 2017-12-20 | CVE-2017-5261 | Path Traversal vulnerability in Cambiumnetworks products In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the 'ping' and 'traceroute' functions of the web administrative console expose a file path traversal vulnerability, accessible to all authenticated users. | 8.8 |
| 2017-12-20 | CVE-2017-15532 | Path Traversal vulnerability in Symantec Messaging Gateway Prior to 10.6.4, Symantec Messaging Gateway may be susceptible to a path traversal attack (also known as directory traversal). | 5.7 |