Vulnerabilities > Absolute Path Traversal
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-01 | CVE-2024-10651 | IDExpert from CHANGING Information Technology does not properly validate a specific parameter in the administrator interface, allowing remote attackers with administrator privileges to exploit this vulnerability to read arbitrary system files. | 4.9 |
| 2024-10-07 | CVE-2024-45290 | Absolute Path Traversal vulnerability in PHPoffice PHPspreadsheet PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. | 7.5 |
| 2023-09-17 | CVE-2023-5022 | Absolute Path Traversal vulnerability in Dedecms A vulnerability has been found in DedeCMS up to 5.7.100 and classified as critical. | 8.8 |
| 2023-07-19 | CVE-2023-3765 | Absolute Path Traversal vulnerability in Lfprojects Mlflow Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0. | 10.0 |
| 2023-05-17 | CVE-2023-2765 | Absolute Path Traversal vulnerability in Weaver Office Automation 9.5 A vulnerability has been found in Weaver OA up to 9.5 and classified as problematic. | 7.5 |
| 2023-04-15 | CVE-2023-2101 | Absolute Path Traversal vulnerability in Mogublog Project Mogublog A vulnerability, which was classified as problematic, has been found in moxi624 Mogu Blog v2 up to 5.2. | 6.5 |
| 2021-07-07 | CVE-2021-32506 | Absolute Path Traversal vulnerability in Qsan Storage Manager Absolute Path Traversal vulnerability in GetImage in QSAN Storage Manager allows remote authenticated attackers download arbitrary files via the Url path parameter. | 4.0 |
| 2021-05-07 | CVE-2021-30173 | Absolute Path Traversal vulnerability in Junhetec Omnidirectional Communication System 2007.2103 Local File Inclusion vulnerability of the omni-directional communication system allows remote authenticated attacker inject absolute path into Url parameter and access arbitrary file. | 4.0 |