Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-21 | CVE-2018-3710 | Path Traversal vulnerability in multiple products Gitlab Community and Enterprise Editions version 10.3.3 is vulnerable to an Insecure Temporary File in the project import component resulting remote code execution. | 7.8 |
| 2018-03-21 | CVE-2017-0918 | Path Traversal vulnerability in multiple products Gitlab Community Edition version 10.3 is vulnerable to a path traversal issue in the GitLab CI runner component resulting in remote code execution. | 8.8 |
| 2018-03-19 | CVE-2014-2674 | Path Traversal vulnerability in Ajax-Pagination Project Ajax-Pagination 1.1 Directory traversal vulnerability in the Ajax Pagination (twitter Style) plugin 1.1 for WordPress allows remote attackers to read arbitrary files via a .. | 7.5 |
| 2018-03-19 | CVE-2014-3626 | Path Traversal vulnerability in Grails Resources 1.2.0/1.2.12 The Grails Resource Plugin often has to exchange URIs for resources with other internal components. | 7.5 |
| 2018-03-17 | CVE-2018-8741 | Path Traversal vulnerability in multiple products A directory traversal flaw in SquirrelMail 1.4.22 allows an authenticated attacker to exfiltrate (or potentially delete) files from the hosting server, related to ../ in the att_local_name field in Deliver.class.php. | 8.8 |
| 2018-03-16 | CVE-2017-14384 | Path Traversal vulnerability in Dell Storage Manager In Dell Storage Manager versions earlier than 16.3.20, the EMConfigMigration service is affected by a directory traversal vulnerability. | 6.5 |
| 2018-03-15 | CVE-2018-7706 | Path Traversal vulnerability in Securenvoy Securmail Directory traversal vulnerability in SecurEnvoy SecurMail before 9.2.501 allows remote authenticated users to read arbitrary e-mail messages via a .. | 6.5 |
| 2018-03-15 | CVE-2018-7705 | Path Traversal vulnerability in Securenvoy Securmail Directory traversal vulnerability in SecurEnvoy SecurMail before 9.2.501 allows remote authenticated users to read e-mail messages to arbitrary recipients via a .. | 8.1 |
| 2018-03-14 | CVE-2018-8712 | Path Traversal vulnerability in Webmin 1.840/1.880 An issue was discovered in Webmin 1.840 and 1.880 when the default Yes setting of "Can view any file as a log file" is enabled. | 9.8 |
| 2018-03-14 | CVE-2018-2366 | Path Traversal vulnerability in Redwood SAP Business Process Automation 9.0/9.1 SAP Business Process Automation (BPA) By Redwood, 9.0, 9.1, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs. | 4.3 |