Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-10 | CVE-2017-16762 | Path Traversal vulnerability in Sanic Project Sanic Sanic before 0.5.1 allows reading arbitrary files with directory traversal, as demonstrated by the /static/..%2f substring. | 7.5 |
| 2017-11-09 | CVE-2017-16759 | Path Traversal vulnerability in Librenms The installation process in LibreNMS before 2017-08-18 allows remote attackers to read arbitrary files, related to html/install.php. | 5.9 |
| 2017-11-08 | CVE-2017-11512 | Path Traversal vulnerability in Manageengine Servicedesk 9.3.9328 The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the name parameter for the download-snapshot URL. | 7.5 |
| 2017-10-30 | CVE-2014-0115 | Path Traversal vulnerability in Apache Storm 0.9.0.1 Directory traversal vulnerability in the log viewer in Apache Storm 0.9.0.1 allows remote attackers to read arbitrary files via a .. | 7.5 |
| 2017-10-24 | CVE-2017-14695 | Path Traversal vulnerability in Saltstack Salt Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote minions with incorrect credentials to authenticate to a master via a crafted minion ID. | 9.8 |
| 2017-10-23 | CVE-2014-3744 | Path Traversal vulnerability in Nodejs Node.Js Directory traversal vulnerability in the st module before 0.2.5 for Node.js allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in an unspecified path. | 7.5 |
| 2017-10-23 | CVE-2017-9947 | Path Traversal vulnerability in Siemens products A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. | 5.3 |
| 2017-10-23 | CVE-2017-15805 | Path Traversal vulnerability in Cisco products Cisco Small Business SA520 and SA540 devices with firmware 2.1.71 and 2.2.0.7 allow ../ directory traversal in scgi-bin/platform.cgi via the thispage parameter, for reading arbitrary files. | 7.5 |
| 2017-10-19 | CVE-2017-15647 | Path Traversal vulnerability in Fiberhome Routerfiberhome Firmware On FiberHome routers, Directory Traversal exists in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value. | 7.5 |
| 2017-10-19 | CVE-2017-10933 | Path Traversal vulnerability in ZTE Zxdt22 Sf01 Firmware V2.06.00.00 All versions prior to V2.06.00.00 of ZTE ZXDT22 SF01, an monitoring system of ZTE energy product, are impacted by directory traversal vulnerability that allows remote attackers to read arbitrary files on the system via a full path name after host address. | 7.5 |