Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-12 | CVE-2024-6097 | Path Traversal vulnerability in Progress Telerik Reporting In Progress® Telerik® Reporting versions prior to 2025 Q1 (19.0.25.211), information disclosure is possible by a local threat actor through an absolute path vulnerability. | 5.3 |
| 2025-02-12 | CVE-2024-11343 | Path Traversal vulnerability in Progress Telerik Document Processing Libraries In Progress® Telerik® Document Processing Libraries, versions prior to 2025 Q1 (2025.1.205), unzipping an archive can lead to arbitrary file system access. | 8.8 |
| 2025-02-12 | CVE-2025-0332 | Path Traversal vulnerability in Telerik UI for Winforms In Progress® Telerik® UI for WinForms, versions prior to 2025 Q1 (2025.1.211), using the improper limitation of a target path can lead to decompressing an archive's content into a restricted directory. | 9.8 |
| 2025-02-11 | CVE-2025-24406 | Path Traversal vulnerability in Adobe Commerce Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to a security feature bypass. | 7.5 |
| 2025-02-07 | CVE-2025-1106 | Path Traversal vulnerability in Cmseasy 7.7.7.9 A vulnerability classified as critical has been found in CmsEasy 7.7.7.9. | 6.5 |
| 2025-02-07 | CVE-2025-25163 | Path Traversal vulnerability in Pluginab Plugin A/B Image Optimizer Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Zach Swetz Plugin A/B Image Optimizer allows Path Traversal. | 9.8 |
| 2025-02-06 | CVE-2025-0859 | Path Traversal vulnerability in Boldgrid Post and Page Builder The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.27.6 via the template_via_url() function. | 6.5 |
| 2025-02-06 | CVE-2025-0799 | IBM App Connect enterprise 12.0.1.0 through 12.0.12.10 and 13.0.1.0 through 13.0.2.1 could allow an authenticated user to write to an arbitrary file on the system during bar configuration deployment due to improper pathname limitations on restricted directories. | 6.5 |
| 2025-02-03 | CVE-2025-24605 | Path Traversal vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor and products Manager Professional Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in realmag777 WOLF allows Path Traversal. | 7.2 |
| 2025-02-03 | CVE-2025-0973 | Path Traversal vulnerability in Cmseasy 7.7.7.9 A vulnerability classified as critical was found in CmsEasy 7.7.7.9. | 6.5 |