Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-30 | CVE-2018-6397 | Path Traversal vulnerability in Joomlacalendars Picture Calendar 3.1.4 Directory Traversal exists in the Picture Calendar 3.1.4 component for Joomla! via the list.php folder parameter. | 7.5 |
| 2018-01-26 | CVE-2017-1279 | Path Traversal vulnerability in IBM Tealeaf Customer Experience 8.7/8.8/9.0.2 IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a remote attacker to traverse directories on the system. | 6.5 |
| 2018-01-25 | CVE-2018-5445 | Path Traversal vulnerability in Advantech Webaccess/Scada A Path Traversal issue was discovered in Advantech WebAccess/SCADA versions prior to V8.2_20170817. | 5.3 |
| 2018-01-24 | CVE-2018-6184 | Path Traversal vulnerability in Zeit Next.Js ZEIT Next.js 4 before 4.2.3 has Directory Traversal under the /_next request namespace. | 7.5 |
| 2018-01-23 | CVE-2018-6022 | Path Traversal vulnerability in 5None Nonecms 1.1.0/1.2.0/1.3.0 Directory traversal vulnerability in application/admin/controller/Main.php in NoneCms through 1.3.0 allows remote authenticated users to delete arbitrary files by leveraging back-office access to provide a ..\ in the param.path parameter. | 6.5 |
| 2018-01-18 | CVE-2017-10273 | Path Traversal vulnerability in Oracle Jdeveloper Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: Deployment). | 4.7 |
| 2018-01-16 | CVE-2014-9485 | Path Traversal vulnerability in Minizip Project Minizip Directory traversal vulnerability in the do_extract_currentfile function in miniunz.c in miniunzip in minizip before 1.1-5 might allow remote attackers to write to arbitrary files via a crafted entry in a ZIP archive. | 5.5 |
| 2018-01-14 | CVE-2018-5700 | Path Traversal vulnerability in Magicwinmail Winmail Server Winmail Server through 6.2 allows remote code execution by authenticated users who leverage directory traversal in a netdisk.php copy_folder_file call (in inc/class.ftpfolder.php) to move a .php file from the FTP folder into a web folder. | 8.8 |
| 2018-01-12 | CVE-2015-9250 | Path Traversal vulnerability in Skyboxsecurity Skybox Platform An issue was discovered in Skybox Platform before 7.5.201. | 7.5 |
| 2018-01-11 | CVE-2014-5068 | Path Traversal vulnerability in Microsemi S350I Firmware 2.70.15 Directory traversal vulnerability in the web application in Symmetricom s350i 2.70.15 allows remote attackers to read arbitrary files via a (1) ../ (dot dot slash) or (2) ..\ (dot dot forward slash) before a file name. | 7.5 |