Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-05 | CVE-2018-10057 | Path Traversal vulnerability in multiple products The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions (absolute directory traversal). | 6.5 |
| 2018-06-05 | CVE-2018-1000194 | Path Traversal vulnerability in multiple products A path traversal vulnerability exists in Jenkins 2.120 and older, LTS 2.107.2 and older in FilePath.java, SoloFilePathFilter.java that allows malicious agents to read and write arbitrary files on the Jenkins master, bypassing the agent-to-master security subsystem protection. | 8.1 |
| 2018-06-05 | CVE-2018-8008 | Path Traversal vulnerability in Apache Storm Apache Storm version 1.0.6 and earlier, 1.2.1 and earlier, and version 1.1.2 and earlier expose an arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive (affects other archives as well, bzip2, tar, xz, war, cpio, 7z), that holds path traversal filenames. | 5.5 |
| 2018-06-04 | CVE-2017-16039 | Path Traversal vulnerability in Hftp Project Hftp `hftp` is a static http or ftp server `hftp` is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 7.5 |
| 2018-06-04 | CVE-2017-16038 | Path Traversal vulnerability in F2E-Server Project F2E-Server `f2e-server` 1.12.11 and earlier is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 7.5 |
| 2018-06-04 | CVE-2017-16037 | Path Traversal vulnerability in Gomeplus-H5-Proxy Project Gomeplus-H5-Proxy `gomeplus-h5-proxy` is vulnerable to a directory traversal issue, allowing attackers to access any file in the system by placing '../' in the URL. | 7.5 |
| 2018-06-04 | CVE-2017-16036 | Path Traversal vulnerability in Badjs-Sourcemap-Server Project Badjs-Sourcemap-Server `badjs-sourcemap-server` receives files sent by `badjs-sourcemap`. | 7.5 |
| 2018-06-04 | CVE-2017-16029 | Path Traversal vulnerability in Hostr Project Hostr hostr is a simple web server that serves up the contents of the current directory. | 7.5 |
| 2018-06-04 | CVE-2017-0930 | Path Traversal vulnerability in Augustine Project Augustine 0.2.3 augustine node module suffers from a Path Traversal vulnerability due to lack of validation of url, which allows a malicious user to read content of any file with known path. | 6.5 |
| 2018-06-04 | CVE-2018-10615 | Path Traversal vulnerability in GE MDS Pulsenet Directory traversal may lead to files being exfiltrated or deleted on the GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior host platform. | 8.1 |