Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-03 | CVE-2017-17108 | Path Traversal vulnerability in Konakart Path traversal vulnerability in the administrative panel in KonaKart eCommerce Platform version 8.7 and earlier could allow an attacker to download system files, as well as upload specially crafted JSP files and in turn gain access to the server. | 9.8 |
| 2018-02-02 | CVE-2017-18038 | Path Traversal vulnerability in Atlassian Bitbucket The repository settings resource in Atlassian Bitbucket Server before version 5.6.0 allows remote attackers to read the first line of arbitrary files via a path traversal vulnerability through the default branch name. | 5.3 |
| 2018-02-02 | CVE-2017-18037 | Path Traversal vulnerability in Atlassian Bitbucket The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 before 4.14.11 (the fixed version for 4.14.x), from version 5.0.0 before 5.0.9 (the fixed version for 5.0.x), from version 5.1.0 before 5.1.8 (the fixed version for 5.1.x), from version 5.2.0 before 5.2.6 (the fixed version for 5.2.x), from version 5.3.0 before 5.3.4 (the fixed version for 5.3.x), from version 5.4.0 before 5.4.2 (the fixed version for 5.4.x), from version 5.5.0 before 5.5.1 (the fixed version for 5.5.x) and before 5.6.0 allows remote attackers to read arbitrary files via a path traversal vulnerability through the name of a git tag. | 6.5 |
| 2018-01-30 | CVE-2018-6397 | Path Traversal vulnerability in Joomlacalendars Picture Calendar 3.1.4 Directory Traversal exists in the Picture Calendar 3.1.4 component for Joomla! via the list.php folder parameter. | 7.5 |
| 2018-01-26 | CVE-2017-1279 | Path Traversal vulnerability in IBM Tealeaf Customer Experience 8.7/8.8/9.0.2 IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a remote attacker to traverse directories on the system. | 6.5 |
| 2018-01-25 | CVE-2018-5445 | Path Traversal vulnerability in Advantech Webaccess/Scada A Path Traversal issue was discovered in Advantech WebAccess/SCADA versions prior to V8.2_20170817. | 5.3 |
| 2018-01-24 | CVE-2018-6184 | Path Traversal vulnerability in Zeit Next.Js ZEIT Next.js 4 before 4.2.3 has Directory Traversal under the /_next request namespace. | 7.5 |
| 2018-01-23 | CVE-2018-6022 | Path Traversal vulnerability in 5None Nonecms 1.1.0/1.2.0/1.3.0 Directory traversal vulnerability in application/admin/controller/Main.php in NoneCms through 1.3.0 allows remote authenticated users to delete arbitrary files by leveraging back-office access to provide a ..\ in the param.path parameter. | 6.5 |
| 2018-01-18 | CVE-2017-10273 | Path Traversal vulnerability in Oracle Jdeveloper Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: Deployment). | 4.7 |
| 2018-01-16 | CVE-2014-9485 | Path Traversal vulnerability in Minizip Project Minizip Directory traversal vulnerability in the do_extract_currentfile function in miniunz.c in miniunzip in minizip before 1.1-5 might allow remote attackers to write to arbitrary files via a crafted entry in a ZIP archive. | 5.5 |