Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2017-06-09 CVE-2016-7802 Path Traversal vulnerability in Cybozu Garoon
Directory traversal vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to read arbitrary files via unspecified vectors.
network | low complexity | cybozu | CWE-22 | 6.5
2017-06-07 CVE-2015-8235 Path Traversal vulnerability in Call-Cc Spiffy
Directory traversal vulnerability in Spiffy before 5.4.
network | low complexity | call-cc | CWE-22 | 7.5
2017-06-07 CVE-2015-7888 Path Traversal vulnerability in Samsung Galaxy S6 Edge Firmware G925Vvru1Aoe2
Directory traversal vulnerability in the WifiHs20UtilityService on the Samsung S6 Edge LRX22G.G925VVRU1AOE2 allows remote attackers to overwrite or create arbitrary files as the system-level user via a ..
network | low complexity | samsung | CWE-22 | 7.5
2017-06-05 CVE-2017-8841 Path Traversal vulnerability in Peplink products
Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093.
network | low complexity | peplink | CWE-22 | 8.1
2017-06-04 CVE-2017-9428 Path Traversal vulnerability in Bigtreecms Bigtree CMS
A directory traversal vulnerability exists in core\admin\ajax\developer\extensions\file-browser.php in BigTree CMS through 4.2.18 on Windows, allowing attackers to read arbitrary files via ..\ sequences in the directory parameter.
network | low complexity | bigtreecms | CWE-22 | 7.5
2017-06-04 CVE-2014-9983 Path Traversal vulnerability in Rarlab RAR
Directory Traversal exists in RAR 4.x and 5.x because an unpack operation follows any symlinks, including symlinks contained in the archive.
local | low complexity | rarlab | CWE-22 | 5.5
2017-06-04 CVE-2017-9416 Path Traversal vulnerability in Odoo 10.0/8.0/9.0
Directory traversal vulnerability in tools.file_open in Odoo 8.0, 9.0, and 10.0 allows remote authenticated users to read arbitrary local files readable by the Odoo service.
network | low complexity | odoo | CWE-22 | 6.5
2017-06-01 CVE-2015-5473 Path Traversal vulnerability in Samsung Syncthru 6
Multiple directory traversal vulnerabilities in Samsung SyncThru 6 before 1.0 allow remote attackers to delete arbitrary files via unspecified parameters to (1) upload/updateDriver or (2) upload/addDriver or to execute arbitrary code with SYSTEM privileges via unspecified parameters to (3) uploadCloning.html, (4) fileupload.html, (5) uploadFirmware.html, or (6) upload/driver.
network | low complexity | samsung | CWE-22 | critical | 9.8
2017-05-26 CVE-2015-0269 Path Traversal vulnerability in Contao CMS
Directory traversal vulnerability in Contao before 3.2.19, and 3.4.x before 3.4.4 allows remote authenticated "back end" users to view files outside their file mounts or the document root via unspecified vectors.
network | low complexity | contao | CWE-22 | 4.3
2017-05-25 CVE-2015-1834 Path Traversal vulnerability in multiple products
A path traversal vulnerability was identified in the Cloud Foundry component Cloud Controller that affects cf-release versions prior to v208 and Pivotal Cloud Foundry Elastic Runtime versions prior to 1.4.2.
network | low complexity | pivotal-software, cloudfoundry | CWE-22 | 6.5