Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-17 | CVE-2017-14513 | Path Traversal vulnerability in Metinfo 5.3.17 Directory traversal vulnerability in MetInfo 5.3.17 allows remote attackers to read information from any ini format file via the f_filename parameter in a fingerprintdo action to admin/app/physical/physical.php. | 5.3 |
| 2017-09-08 | CVE-2017-11162 | Path Traversal vulnerability in Synology Photo Station Directory traversal vulnerability in synphotoio in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to read arbitrary files via unspecified vectors. | 6.5 |
| 2017-09-07 | CVE-2015-4085 | Path Traversal vulnerability in Etherpad Directory traversal vulnerability in node/hooks/express/tests.js in Etherpad frontend tests before 1.6.1. | 7.5 |
| 2017-09-03 | CVE-2017-14120 | Path Traversal vulnerability in multiple products unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a directory traversal vulnerability for RAR v2 archives: pathnames of the form ../[filename] are unpacked into the upper directory. | 7.5 |
| 2017-08-31 | CVE-2014-8676 | Path Traversal vulnerability in Soplanning Directory traversal vulnerability in the file_get_contents function in SOPlanning 1.32 and earlier allows remote attackers to determine the existence of arbitrary files via a .. | 5.3 |
| 2017-08-30 | CVE-2017-13780 | Path Traversal vulnerability in Eyesofnetwork 5.10 The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows directory traversal attacks for reading arbitrary files via the module/admin_conf/download.php file parameter. | 7.5 |
| 2017-08-30 | CVE-2017-3163 | Path Traversal vulnerability in Apache Solr When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. | 7.5 |
| 2017-08-29 | CVE-2017-2258 | Path Traversal vulnerability in Cybozu Garoon 4.2.4/4.2.5 Directory traversal vulnerability in Cybozu Garoon 4.2.4 to 4.2.5 allows an attacker to read arbitrary files via Garoon SOAP API "WorkflowHandleApplications". | 4.3 |
| 2017-08-29 | CVE-2017-10841 | Path Traversal vulnerability in Webcalendar Project Webcalendar 1.2.7 Directory traversal vulnerability in WebCalendar 1.2.7 and earlier allows authenticated attackers to read arbitrary files via unspecified vectors. | 4.9 |
| 2017-08-29 | CVE-2017-10834 | Path Traversal vulnerability in Nippon-Antenna Scr02Hd Firmware 1.0.3.1000 Directory traversal vulnerability in "Dokodemo eye Smart HD" SCR02HD Firmware 1.0.3.1000 and earlier allows authenticated attackers to read arbitrary files via unspecified vectors. | 6.5 |