Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-21 | CVE-2017-10993 | Path Traversal vulnerability in Contao CMS Contao before 3.5.28 and 4.x before 4.4.1 allows remote attackers to include and execute arbitrary local PHP files via a crafted parameter in a URL, aka Directory Traversal. | 8.8 |
| 2017-07-20 | CVE-2017-11500 | Path Traversal vulnerability in Metinfo 5.3.17 A directory traversal vulnerability exists in MetInfo 5.3.17. | 7.5 |
| 2017-07-20 | CVE-2017-11469 | Path Traversal vulnerability in Idera Uptime Infrastructure Monitor 7.8 get2post.php in IDERA Uptime Monitor 7.8 has directory traversal in the file_name parameter. | 7.5 |
| 2017-07-19 | CVE-2017-11456 | Path Traversal vulnerability in Geneko products Geneko GWR routers allow directory traversal sequences starting with a /../ substring, as demonstrated by unauthenticated read access to the configuration file. | 7.5 |
| 2017-07-19 | CVE-2017-11440 | Path Traversal vulnerability in Sitecore CMS 8.2 In Sitecore 8.2, there is absolute path traversal via the shell/Applications/Layouts/IDE.aspx fi parameter and the admin/LinqScratchPad.aspx Reference parameter. | 4.9 |
| 2017-07-18 | CVE-2017-10708 | Path Traversal vulnerability in Apport Project Apport An issue was discovered in Apport through 2.20.x. | 7.8 |
| 2017-07-17 | CVE-2017-2240 | Path Traversal vulnerability in Hammock Assetview 9.2 Directory traversal vulnerability in AssetView for MacOS Ver.9.2.0 and earlier versions allows remote attackers to read arbitrary files via "File Transfer Web Service". | 6.5 |
| 2017-07-17 | CVE-2017-11348 | Path Traversal vulnerability in Octopus Deploy and Octopus Server In Octopus Deploy 3.x before 3.15.4, an authenticated user with PackagePush permission to upload packages could upload a maliciously crafted NuGet package, potentially overwriting other packages or modifying system files. | 5.7 |
| 2017-07-17 | CVE-2017-1000062 | Path Traversal vulnerability in Kitto Project Kitto 0.5.1 kittoframework kitto 0.5.1 is vulnerable to directory traversal in the router resulting in remote code execution | 7.5 |
| 2017-07-17 | CVE-2017-1000047 | Path Traversal vulnerability in Rbenv Project Rbenv rbenv (all current versions) is vulnerable to Directory Traversal in the specification of Ruby version resulting in arbitrary code execution | 9.8 |