VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-03-01
CVE-2024-13910
The Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'database_backup_ajax_delete' function in all versions up to, and including, 2.35.
network
low complexity
CWE-22
7.2
7.2
2025-02-28
CVE-2025-0823
IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 and 12.0.0 through 12.0.4 could allow a remote attacker to traverse directories on the system.
network
low complexity
CWE-22
6.5
6.5
2025-02-27
CVE-2025-1743
A vulnerability, which was classified as critical, was found in zyx0814 Pichome 2.1.0.
network
low complexity
CWE-22
5.3
5.3
2025-02-27
CVE-2024-54169
IBM EntireX 11.1 could allow an authenticated attacker to traverse directories on the system.
network
low complexity
CWE-22
6.5
6.5
2025-02-27
CVE-2025-1282
The Car Dealer Automotive WordPress Theme – Responsive theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_post_photo() and add_car() functions in all versions up to, and including, 1.6.3.
network
low complexity
CWE-22
8.8
8.8
2025-02-25
CVE-2025-27142
Path Traversal vulnerability in Localsend
LocalSend is a free, open-source app that allows users to securely share files and messages with nearby devices over their local network without needing an internet connection.
low complexity
localsend
CWE-22
8.8
8.8
2025-02-21
CVE-2025-1543
A vulnerability, which was classified as problematic, has been found in iteachyou Dreamer CMS 4.1.3.
network
low complexity
CWE-22
4.3
4.3
2025-02-20
CVE-2025-27098
Path Traversal vulnerability in The-Guild Graphql Mesh CLI and Graphql Mesh Http
GraphQL Mesh is a GraphQL Federation framework and gateway for both GraphQL Federation and non-GraphQL Federation subgraphs, non-GraphQL services, such as REST and gRPC, and also databases such as MongoDB, MySQL, and PostgreSQL.
network
low complexity
the-guild
CWE-22
7.5
7.5
2025-02-19
CVE-2025-27092
Path Traversal vulnerability in CMU Ghosts
GHOSTS is an open source user simulation framework for cyber experimentation, simulation, training, and exercise.
network
low complexity
cmu
CWE-22
7.5
7.5
2025-02-18
CVE-2025-1035
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Komtera Technolgies KLog Server allows Manipulating Web Input to File System Calls.This issue affects KLog Server: before 3.1.1.
low complexity
CWE-22
5.7
5.7
«
1
(current)
2
3
4
5
...
367
368
»
Next