Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-18 | CVE-2017-12943 | Path Traversal vulnerability in Dlink Dir-600 B1 Firmware 2.01 D-Link DIR-600 Rev Bx devices with v2.x firmware allow remote attackers to read passwords via a model/__show_info.php?REQUIRE_FILE= absolute path traversal attack, as demonstrated by discovering the admin password. | 9.8 |
| 2017-08-18 | CVE-2017-10665 | Path Traversal vulnerability in PHPgrid Directory traversal vulnerability in ajaxfileupload.php in Kayson Group Ltd. | 7.8 |
| 2017-08-18 | CVE-2017-12938 | Path Traversal vulnerability in Rarlab Unrar 0.0.1/5.5.4/5.5.6 UnRAR before 5.5.7 allows remote attackers to bypass a directory-traversal protection mechanism via vectors involving a symlink to the . | 7.5 |
| 2017-08-11 | CVE-2017-7675 | Path Traversal vulnerability in Apache Tomcat The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M21 and 8.5.0 to 8.5.15 bypassed a number of security checks that prevented directory traversal attacks. | 7.5 |
| 2017-08-09 | CVE-2015-0781 | Path Traversal vulnerability in Novell Zenworks Configuration Management Directory traversal vulnerability in the doPost method of the Rtrlet class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to upload and execute arbitrary files via unspecified vectors. | 9.8 |
| 2017-08-08 | CVE-2017-11152 | Path Traversal vulnerability in Synology Photo Station Directory traversal vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to write arbitrary files via the path parameter. | 7.5 |
| 2017-08-07 | CVE-2017-12637 | Path Traversal vulnerability in SAP Netweaver Application Server Java 7.50 Directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS in SAP NetWeaver Application Server Java 7.5 allows remote attackers to read arbitrary files via a .. | 7.5 |
| 2017-08-07 | CVE-2011-5325 | Path Traversal vulnerability in multiple products Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink. | 7.5 |
| 2017-08-07 | CVE-2017-6758 | Path Traversal vulnerability in Cisco Unified Communications Manager 11.5(1.10000.6) A vulnerability in the web framework of Cisco Unified Communications Manager 11.5(1.10000.6) could allow an authenticated, remote attacker to access arbitrary files in the context of the web root directory structure on an affected device. | 6.5 |
| 2017-08-06 | CVE-2017-12586 | Path Traversal vulnerability in Slims Akasia SLiMS 8 Akasia through 8.3.1 has an arbitrary file reading issue because of directory traversal in the url parameter to admin/help.php. | 6.5 |