Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-15 | CVE-2018-7495 | Path Traversal vulnerability in Advantech products In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an external control of file name or path vulnerability has been identified, which may allow an attacker to delete files. | 7.5 |
| 2018-05-15 | CVE-2018-10589 | Path Traversal vulnerability in Advantech products In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a path transversal vulnerability has been identified, which may allow an attacker to execute arbitrary code. | 9.8 |
| 2018-05-15 | CVE-2018-1263 | Path Traversal vulnerability in VMWare Spring Integration ZIP 1.0.0/1.0.1 Addresses partial fix in CVE-2018-1261. | 4.7 |
| 2018-05-14 | CVE-2018-0588 | Path Traversal vulnerability in Ultimatemember User Profile & Membership Directory traversal vulnerability in the AJAX function of Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote attackers to read arbitrary files via unspecified vectors. | 7.5 |
| 2018-05-14 | CVE-2018-0586 | Path Traversal vulnerability in Ultimatemember User Profile & Membership Directory traversal vulnerability in the shortcodes function of Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated attackers to read arbitrary files via unspecified vectors. | 4.3 |
| 2018-05-11 | CVE-2018-1261 | Path Traversal vulnerability in VMWare Spring Integration ZIP 1.0.0 Spring-integration-zip versions prior to 1.0.1 exposes an arbitrary file write vulnerability, which can be achieved using a specially crafted zip archive (affects other archives as well, bzip2, tar, xz, war, cpio, 7z) that holds path traversal filenames. | 4.7 |
| 2018-05-10 | CVE-2018-7933 | Path Traversal vulnerability in Huawei Hirouter-Cd20 Firmware and Ws5200 Firmware Huawei home gateway products HiRouter-CD20 and WS5200 with the versions before HiRouter-CD20-10 1.9.6 and the versions before WS5200-10 1.9.6 have a path traversal vulnerability. | 7.8 |
| 2018-05-08 | CVE-2015-1503 | Path Traversal vulnerability in Icewarp Mail Server Multiple directory traversal vulnerabilities in IceWarp Mail Server before 11.2 allow remote attackers to read arbitrary files via a (1) .. | 7.5 |
| 2018-05-08 | CVE-2017-2594 | Path Traversal vulnerability in Hawt Hawtio hawtio before versions 2.0-beta-1, 2.0-beta-2 2.0-m1, 2.0-m2, 2.0-m3, and 1.5 is vulnerable to a path traversal that leads to a NullPointerException with a full stacktrace. | 7.5 |
| 2018-05-08 | CVE-2018-1000175 | Path Traversal vulnerability in Jenkins Html Publisher A path traversal vulnerability exists in Jenkins HTML Publisher Plugin 1.15 and older in HtmlPublisherTarget.java that allows attackers able to configure the HTML Publisher build step to override arbitrary files on the Jenkins master. | 6.5 |