Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2025-02-12 CVE-2024-6097 Path Traversal vulnerability in Progress Telerik Reporting
In Progress® Telerik® Reporting versions prior to 2025 Q1 (19.0.25.211), information disclosure is possible by a local threat actor through an absolute path vulnerability.
network
low complexity
progress CWE-22
5.3
2025-02-12 CVE-2024-11343 Path Traversal vulnerability in Progress Telerik Document Processing Libraries
In Progress® Telerik® Document Processing Libraries, versions prior to 2025 Q1 (2025.1.205), unzipping an archive can lead to arbitrary file system access.
network
low complexity
progress CWE-22
8.8
2025-02-12 CVE-2025-0332 Path Traversal vulnerability in Telerik UI for Winforms
In Progress® Telerik® UI for WinForms, versions prior to 2025 Q1 (2025.1.211), using the improper limitation of a target path can lead to decompressing an archive's content into a restricted directory.
network
low complexity
telerik CWE-22
critical
9.8
2025-02-11 CVE-2025-24406 Path Traversal vulnerability in Adobe Commerce
Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to a security feature bypass.
network
low complexity
adobe CWE-22
7.5
2025-02-07 CVE-2025-1106 Path Traversal vulnerability in Cmseasy 7.7.7.9
A vulnerability classified as critical has been found in CmsEasy 7.7.7.9.
network
low complexity
cmseasy CWE-22
6.5
2025-02-07 CVE-2025-25163 Path Traversal vulnerability in Pluginab Plugin A/B Image Optimizer
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Zach Swetz Plugin A/B Image Optimizer allows Path Traversal.
network
low complexity
pluginab CWE-22
critical
9.8
2025-02-06 CVE-2025-0859 Path Traversal vulnerability in Boldgrid Post and Page Builder
The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.27.6 via the template_via_url() function.
network
low complexity
boldgrid CWE-22
6.5
2025-02-06 CVE-2025-0799 IBM App Connect enterprise 12.0.1.0 through 12.0.12.10 and 13.0.1.0 through 13.0.2.1 could allow an authenticated user to write to an arbitrary file on the system during bar configuration deployment due to improper pathname limitations on restricted directories.
network
low complexity
CWE-22
6.5
2025-02-03 CVE-2025-24605 Path Traversal vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor and products Manager Professional
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in realmag777 WOLF allows Path Traversal.
network
low complexity
pluginus CWE-22
7.2
2025-02-03 CVE-2025-0973 Path Traversal vulnerability in Cmseasy 7.7.7.9
A vulnerability classified as critical was found in CmsEasy 7.7.7.9.
network
low complexity
cmseasy CWE-22
6.5