Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2018-01-10 CVE-2017-17662 Path Traversal vulnerability in Yawcam
Directory traversal in the HTTP server on Yawcam 0.2.6 through 0.6.0 devices allows attackers to read arbitrary files through a sequence of the form '.x./' or '....\x/' where x is a pattern composed of one or more (zero or more for the second pattern) of either \ or ..\ -- for example a '.\./', '....\/' or '...\./' sequence.
network
low complexity
yawcam CWE-22
7.5
7.5
2018-01-09 CVE-2017-1671 Path Traversal vulnerability in IBM Security KEY Lifecycle Manager
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 could allow a remote attacker to traverse directories on the system.
network
low complexity
ibm CWE-22
7.5
7.5
2018-01-09 CVE-2018-5310 Path Traversal vulnerability in Media From FTP Project Media From FTP
In the "Media from FTP" plugin before 9.85 for WordPress, Directory Traversal exists via the searchdir parameter to the wp-admin/admin.php?page=mediafromftp-search-register URI.
network
low complexity
media-from-ftp-project CWE-22
6.5
6.5
2018-01-08 CVE-2018-5283 Path Traversal vulnerability in Photos in Wifi Project Photos in Wifi 1.0.1
The Photos in Wifi application 1.0.1 for iOS has directory traversal via the ext parameter to assets-library://asset/asset.php.
network
low complexity
photos-in-wifi-project CWE-22
7.5
7.5
2018-01-08 CVE-2018-5291 Path Traversal vulnerability in GD Rating System Project GD Rating System 2.3
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-tools page.
network
low complexity
gd-rating-system-project CWE-22
7.5
7.5
2018-01-08 CVE-2018-5290 Path Traversal vulnerability in GD Rating System Project GD Rating System 2.3
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-transfer page.
network
low complexity
gd-rating-system-project CWE-22
7.5
7.5
2018-01-08 CVE-2018-5289 Path Traversal vulnerability in GD Rating System Project GD Rating System 2.3
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-information page.
network
low complexity
gd-rating-system-project CWE-22
7.5
7.5
2018-01-08 CVE-2018-5287 Path Traversal vulnerability in GD Rating System Project GD Rating System 2.3
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-about page.
network
low complexity
gd-rating-system-project CWE-22
7.5
7.5
2018-01-05 CVE-2017-15550 Path Traversal vulnerability in EMC products
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0.
network
low complexity
emc CWE-22
8.8
8.8
2018-01-05 CVE-2017-16720 Path Traversal vulnerability in Advantech Webaccess
A Path Traversal issue was discovered in WebAccess versions 8.3.2 and earlier.
network
low complexity
advantech CWE-22
critical
 9.8
9.8