Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2023-03-15 CVE-2023-25345 Path Traversal vulnerability in multiple products
Directory traversal vulnerability in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to read arbitrary files via the include or extends tags.
network
low complexity
swig-templates-project swig-project CWE-22
7.5
2023-03-15 CVE-2023-25804 Path Traversal vulnerability in Roxy-Wi
Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers.
network
low complexity
roxy-wi CWE-22
5.3
2023-03-15 CVE-2023-28371 Path Traversal vulnerability in Stellarium
In Stellarium through 1.2, attackers can write to files that are typically unintended, such as ones with absolute pathnames or ..
network
low complexity
stellarium CWE-22
critical
9.8
2023-03-14 CVE-2023-27588 Path Traversal vulnerability in Hasura Graphql Engine
Hasura is an open-source product that provides users GraphQL or REST APIs.
network
low complexity
hasura CWE-22
7.5
2023-03-14 CVE-2023-1398 Path Traversal vulnerability in Teacms Project Teacms 2.0
A vulnerability classified as critical was found in XiaoBingBy TeaCMS 2.0.
network
low complexity
teacms-project CWE-22
8.8
2023-03-14 CVE-2022-47595 Path Traversal vulnerability in Wpgmaps WP GO Maps
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP Go Maps (formerly WP Google Maps) plugin <= 9.0.15 versions.
network
low complexity
wpgmaps CWE-22
6.5
2023-03-14 CVE-2023-27500 Path Traversal vulnerability in SAP Netweaver Application Server Abap
An attacker with non-administrative authorizations can exploit a directory traversal flaw in program SAPRSBRO to over-write system files.
network
low complexity
sap CWE-22
8.1
2023-03-14 CVE-2023-27501 Path Traversal vulnerability in SAP Netweaver Application Server Abap
SAP NetWeaver AS for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, allows an attacker to exploit insufficient validation of path information provided by users, thus exploiting a directory traversal flaw in an available service to delete system files.
network
low complexity
sap CWE-22
critical
9.6
2023-03-14 CVE-2023-27269 Path Traversal vulnerability in SAP Netweaver Application Server Abap
SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, allows an attacker with non-administrative authorizations to exploit a directory traversal flaw in an available service to overwrite the system files.
network
low complexity
sap CWE-22
critical
9.6
2023-03-13 CVE-2023-25803 Path Traversal vulnerability in Roxy-Wi
Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers.
network
low complexity
roxy-wi CWE-22
7.5