Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2022-09-27 CVE-2022-40199 Path Traversal vulnerability in Ec-Cube
Directory traversal vulnerability in EC-CUBE 3 series (EC-CUBE 3.0.0 to 3.0.18-p4) and EC-CUBE 4 series (EC-CUBE 4.0.0 to 4.1.2) allows a remote authenticated attacker with an administrative privilege to obtain the product's directory structure information.
network
low complexity
ec-cube CWE-22
2.7
2022-09-26 CVE-2022-41352 Path Traversal vulnerability in Zimbra Collaboration 8.8.15/9.0.0
An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0.
network
low complexity
zimbra CWE-22
critical
9.8
2022-09-22 CVE-2022-34026 Path Traversal vulnerability in Icecoder 8.1
ICEcoder v8.1 allows attackers to execute a directory traversal.
network
low complexity
icecoder CWE-22
7.5
2022-09-22 CVE-2022-40443 Path Traversal vulnerability in Zzcms 2022
An absolute path traversal vulnerability in ZZCMS 2022 allows attackers to obtain sensitive information via a crafted GET request sent to /one/siteinfo.php.
network
low complexity
zzcms CWE-22
5.3
2022-09-22 CVE-2022-40444 Path Traversal vulnerability in Zzcms 2022
ZZCMS 2022 was discovered to contain a full path disclosure vulnerability via the page /admin/index.PHP? _server.
network
low complexity
zzcms CWE-22
5.3
2022-09-22 CVE-2022-28981 Path Traversal vulnerability in Liferay Portal 7.4.0/7.4.1/7.4.2
Path traversal vulnerability in the Hypermedia REST APIs module in Liferay Portal 7.4.0 through 7.4.2 allows remote attackers to access files outside of com.liferay.headless.discovery.web/META-INF/resources via the `parameter` parameter.
network
low complexity
liferay CWE-22
7.5
2022-09-21 CVE-2022-29799 Path Traversal vulnerability in Microsoft Windows Defender for Endpoint
A vulnerability was found in networkd-dispatcher.
local
low complexity
microsoft CWE-22
5.5
2022-09-21 CVE-2022-41231 Path Traversal vulnerability in Jenkins Build-Publisher
Jenkins Build-Publisher Plugin 1.22 and earlier allows attackers with Item/Configure permission to create or replace any config.xml file on the Jenkins controller file system by providing a crafted file name to an API endpoint.
network
low complexity
jenkins CWE-22
5.7
2022-09-20 CVE-2022-38340 Path Traversal vulnerability in Safe FME Server
Safe Software FME Server v2021.2.5, v2022.0.0.2 and below was discovered to contain a Path Traversal vulnerability via the component fmedataupload.
network
low complexity
safe CWE-22
7.2
2022-09-19 CVE-2022-40608 Path Traversal vulnerability in IBM Spectrum Protect Plus
IBM Spectrum Protect Plus 10.1.6 through 10.1.11 Microsoft File Systems restore operation can download any file on the target machine by manipulating the URL with a directory traversal attack.
network
low complexity
ibm CWE-22
7.5