Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-23 | CVE-2017-14722 | Path Traversal vulnerability in Wordpress Before version 4.8.2, WordPress allowed a Directory Traversal attack in the Customizer component via a crafted theme filename. | 7.5 |
| 2017-09-23 | CVE-2017-14719 | Path Traversal vulnerability in Wordpress Before version 4.8.2, WordPress was vulnerable to a directory traversal attack during unzip operations in the ZipArchive and PclZip components. | 7.5 |
| 2017-09-22 | CVE-2017-8007 | Path Traversal vulnerability in Dell products In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. | 8.8 |
| 2017-09-20 | CVE-2016-6795 | Path Traversal vulnerability in Apache Struts In the Convention plugin in Apache Struts 2.3.x before 2.3.31, and 2.5.x before 2.5.5, it is possible to prepare a special URL which will be used for path traversal and execution of arbitrary code on server side. | 9.8 |
| 2017-09-20 | CVE-2015-4074 | Path Traversal vulnerability in Helpdesk PRO Project Helpdesk PRO Directory traversal vulnerability in the Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to read arbitrary files via a .. | 7.5 |
| 2017-09-19 | CVE-2017-10931 | Path Traversal vulnerability in ZTE Zxr10 1800-2S Firmware The ZXR10 1800-2S before v3.00.40 incorrectly restricts the download of the file directory range for WEB users, resulting in the ability to download any files and cause information leaks such as system configuration. | 7.5 |
| 2017-09-17 | CVE-2017-14514 | Path Traversal vulnerability in Tenda W15E Firmware 15.11.0.10(1576)/15.11.0.14/V15.11.0.13Cn Directory Traversal on Tenda W15E devices before 15.11.0.14 allows remote attackers to read unencrypted files via a crafted URL. | 7.5 |
| 2017-09-17 | CVE-2017-14513 | Path Traversal vulnerability in Metinfo 5.3.17 Directory traversal vulnerability in MetInfo 5.3.17 allows remote attackers to read information from any ini format file via the f_filename parameter in a fingerprintdo action to admin/app/physical/physical.php. | 5.3 |
| 2017-09-08 | CVE-2017-11162 | Path Traversal vulnerability in Synology Photo Station Directory traversal vulnerability in synphotoio in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to read arbitrary files via unspecified vectors. | 6.5 |
| 2017-09-07 | CVE-2015-4085 | Path Traversal vulnerability in Etherpad Directory traversal vulnerability in node/hooks/express/tests.js in Etherpad frontend tests before 1.6.1. | 7.5 |