Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-07 | CVE-2022-36081 | Path Traversal vulnerability in Wikmd Project Wikmd Wikmd is a file based wiki that uses markdown. | 7.5 |
| 2022-09-06 | CVE-2022-36065 | Path Traversal vulnerability in Growthbook GrowthBook is an open-source platform for feature flagging and A/B testing. | 7.5 |
| 2022-09-06 | CVE-2022-29062 | Path Traversal vulnerability in Fortinet Fortisoar Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiSOAR before 7.2.1 allows an authenticated attacker to write to the underlying filesystem with nginx permissions via crafted HTTP requests. | 6.5 |
| 2022-09-06 | CVE-2022-2943 | Path Traversal vulnerability in Connekthq Ajax Load More The WordPress Infinite Scroll – Ajax Load More plugin for Wordpress is vulnerable to arbitrary file reading in versions up to, and including, 5.5.3 due to insufficient file path validation on the alm_repeaters_export() function. | 4.9 |
| 2022-09-06 | CVE-2022-2945 | Path Traversal vulnerability in Connekthq Ajax Load More The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 5.5.3 via the 'type' parameter found in the alm_get_layout() function. | 2.7 |
| 2022-09-05 | CVE-2022-39838 | Path Traversal vulnerability in Systematicalpha Systematic FIX Adapter Firmware 2.4.0.25 Systematic FIX Adapter (ALFAFX) 2.4.0.25 13/09/2017 allows remote file inclusion via a UNC share pathname, and also allows absolute path traversal to local pathnames. | 8.6 |
| 2022-09-02 | CVE-2022-34378 | Path Traversal vulnerability in Dell EMC Powerscale Onefs Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3, contain a relative path traversal vulnerability. | 5.5 |
| 2022-09-02 | CVE-2022-36593 | Path Traversal vulnerability in Keking Kkfileview 4.0.0 kkFileView v4.0.0 was discovered to contain an arbitrary file deletion vulnerability via the fileName parameter at /controller/FileController.java. | 6.5 |
| 2022-08-31 | CVE-2022-34373 | Path Traversal vulnerability in Dell Command | Integration Suite for System Center Dell Command | Integration Suite for System Center, versions prior to 6.2.0, contains arbitrary file write vulnerability. | 7.8 |
| 2022-08-31 | CVE-2022-37122 | Path Traversal vulnerability in Carel products Carel pCOWeb HVAC BACnet Gateway 2.1.0, Firmware: A2.1.0 - B2.1.0, Application Software: 2.15.4A Software v16 13020200 suffers from an unauthenticated arbitrary file disclosure vulnerability. | 7.5 |