Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-07 | CVE-2021-36471 | Path Traversal vulnerability in Adminlte.Io Adminlte 3.1.0 Directory Traversal vulnerability in AdminLTE 3.1.0 allows remote attackers to gain escalated privilege and view sensitive information via /admin/index2.html, /admin/index3.html URIs. | 9.8 |
| 2023-02-03 | CVE-2022-47762 | Path Traversal vulnerability in Gin-Vue-Admin Project Gin-Vue-Admin In gin-vue-admin < 2.5.5, the download module has a Path Traversal vulnerability. | 7.5 |
| 2023-02-03 | CVE-2021-36425 | Path Traversal vulnerability in PHPwcms Directory traversal vulnerability in phpcms 1.9.25 allows remote attackers to delete arbitrary files via unfiltered $file parameter to unlink method in include/inc_act/act_ftptakeover.php file. | 5.4 |
| 2023-02-03 | CVE-2021-37317 | Path Traversal vulnerability in Asus Rt-Ac68U Firmware Directory Traversal vulnerability in Cloud Disk in ASUS RT-AC68U router firmware version before 3.0.0.4.386.41634 allows remote attackers to write arbitrary files via improper sanitation on the target for COPY and MOVE operations. | 9.1 |
| 2023-02-02 | CVE-2022-3560 | Path Traversal vulnerability in multiple products A flaw was found in pesign. | 5.5 |
| 2023-02-01 | CVE-2022-45783 | Path Traversal vulnerability in Dotcms An issue was discovered in dotCMS core 4.x through 22.10.2. | 6.5 |
| 2023-02-01 | CVE-2023-23136 | Path Traversal vulnerability in Lmxcms 1.41 lmxcms v1.41 was discovered to contain an arbitrary file deletion vulnerability via BackdbAction.class.php. | 6.5 |
| 2023-02-01 | CVE-2023-0454 | Path Traversal vulnerability in Orangescrum 2.0.11 OrangeScrum version 2.0.11 allows an authenticated external attacker to delete arbitrary local files from the server. | 8.1 |
| 2023-02-01 | CVE-2022-47768 | Path Traversal vulnerability in Serinf Fast Checkin 1.0 Serenissima Informatica Fast Checkin 1.0 is vulnerable to Directory Traversal. | 7.5 |
| 2023-01-31 | CVE-2022-46835 | Path Traversal vulnerability in Sailpoint Identityiq IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p2, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p5, IdentityIQ 8.1 and all 8.1 patch levels prior to 8.1p7, IdentityIQ 8.0 and all 8.0 patch levels prior to 8.0p6 allow access to arbitrary files in the application server filesystem due to a path traversal vulnerability in JavaServer Faces (JSF) 2.2.20 documented in CVE-2020-6950. | 7.5 |