Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-23 | CVE-2017-5966 | Path Traversal vulnerability in Sitecore CRM 8.1 Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators to read arbitrary files via an absolute path traversal attack on sitecore/shell/download.aspx with the file parameter. | 4.0 |
| 2017-05-23 | CVE-2017-6821 | Path Traversal vulnerability in Synacor Zimbra Collaboration Suite Directory traversal vulnerability in Zimbra Collaboration Suite (aka ZCS) before 8.7.6 allows attackers to have unspecified impact via unknown vectors. | 7.5 |
| 2017-05-23 | CVE-2015-5609 | Path Traversal vulnerability in Image-Export Project Image-Export 1.1 Absolute path traversal vulnerability in the Image Export plugin 1.1 for WordPress allows remote attackers to read and delete arbitrary files via a full pathname in the file parameter to download.php. | 6.4 |
| 2017-05-23 | CVE-2015-5469 | Path Traversal vulnerability in MDC Youtube Downloader Project MDC Youtube Downloader 2.1.0 Absolute path traversal vulnerability in the MDC YouTube Downloader plugin 2.1.0 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file parameter to includes/download.php. | 5.0 |
| 2017-05-23 | CVE-2015-5468 | Path Traversal vulnerability in Wpshopstyling WP E-Commerce Shop Styling Directory traversal vulnerability in the WP e-Commerce Shop Styling plugin before 2.6 for WordPress allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2017-05-23 | CVE-2015-4704 | Path Traversal vulnerability in Download ZIP Attachments Project Download ZIP Attachments 1.0 Directory traversal vulnerability in the Download Zip Attachments plugin 1.0 for WordPress allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2017-05-22 | CVE-2017-6636 | Path Traversal vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to Release 11.1) could allow an authenticated, remote attacker to view any file on an affected system. | 4.0 |
| 2017-05-21 | CVE-2017-9024 | Path Traversal vulnerability in Secure-Bytes Secure Cisco Auditor 3.0 Secure Bytes Cisco Configuration Manager, as bundled in Secure Bytes Secure Cisco Auditor (SCA) 3.0, has a Directory Traversal issue in its TFTP Server, allowing attackers to read arbitrary files via ../ sequences in a pathname. | 5.0 |
| 2017-05-18 | CVE-2017-3980 | Path Traversal vulnerability in Mcafee Epolicy Orchestrator A directory traversal vulnerability in the ePO Extension in McAfee ePolicy Orchestrator (ePO) 5.9.0, 5.3.2, and 5.1.3 and earlier allows remote authenticated users to execute a command of their choice via an authenticated ePO session. | 6.5 |
| 2017-05-18 | CVE-2017-9067 | Path Traversal vulnerability in multiple products In MODX Revolution before 2.5.7, when PHP 5.3.3 is used, an attacker is able to include and execute arbitrary files on the web server due to insufficient validation of the action parameter to setup/index.php, aka directory traversal. | 4.4 |