Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-27 | CVE-2023-40532 | Path traversal vulnerability in Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with author or higher privilege to obtain partial information of the files on the web server. | 4.3 |
2023-09-27 | CVE-2023-2315 | Path Traversal vulnerability in Opencart 4.0.0.0 Path Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2 allows an authenticated user with access/modify privilege on the Log component to empty out arbitrary files on the server | 8.8 |
2023-09-25 | CVE-2023-43382 | Path Traversal vulnerability in Iteachyou Dreamer CMS 4.1.3 Directory Traversal vulnerability in itechyou dreamer CMS v.4.1.3 allows a remote attacker to execute arbitrary code via the themePath in the uploaded template function. | 8.8 |
2023-09-25 | CVE-2023-43256 | Path Traversal vulnerability in Gladysassistant Gladys Assistant A path traversal in Gladys Assistant v4.26.1 and below allows authenticated attackers to extract sensitive files in the host machine by exploiting a non-sanitized user input. | 6.5 |
2023-09-25 | CVE-2023-39407 | Path Traversal vulnerability in Huawei Harmonyos 2.0.0 The Watchkit has a risk of unauthorized file access.Successful exploitation of this vulnerability may affect confidentiality and integrity. | 9.1 |
2023-09-24 | CVE-2023-5142 | Path Traversal vulnerability in H3C products A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. | 5.3 |
2023-09-22 | CVE-2023-38346 | Path Traversal vulnerability in Windriver Vxworks 6.9/7.0 An issue was discovered in Wind River VxWorks 6.9 and 7. | 8.8 |
2023-09-21 | CVE-2023-42280 | Path Traversal vulnerability in Springernature Mee-Admin 1.5 mee-admin 1.5 is vulnerable to Directory Traversal. | 7.5 |
2023-09-21 | CVE-2023-42456 | Path Traversal vulnerability in Memorysafety Sudo Sudo-rs, a memory safe implementation of sudo and su, allows users to not have to enter authentication at every sudo attempt, but instead only requiring authentication every once in a while in every terminal or process group. | 8.1 |
2023-09-21 | CVE-2023-4760 | Path Traversal vulnerability in Eclipse Remote Application Platform In Eclipse RAP versions from 3.0.0 up to and including 3.25.0, Remote Code Execution is possible on Windows when using the FileUpload component. The reason for this is a not completely secure extraction of the file name in the FileUploadProcessor.stripFileName(String name) method. | 9.8 |