Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2022-07-25 CVE-2022-24992 Path Traversal vulnerability in QR Code Generator Project QR Code Generator
A vulnerability in the component process.php of QR Code Generator v5.2.7 allows attackers to perform directory traversal.
network
low complexity
qr-code-generator-project CWE-22
7.5
2022-07-25 CVE-2020-7649 Path Traversal vulnerability in Snyk Broker
This affects the package snyk-broker before 4.73.0.
network
low complexity
snyk CWE-22
4.9
2022-07-25 CVE-2017-20145 Path Traversal vulnerability in Tecrail Responsive Filemanager
A vulnerability was found in Tecrail Responsive Filemanger up to 9.10.x and classified as critical.
network
low complexity
tecrail CWE-22
critical
9.8
2022-07-23 CVE-2022-1128 Path Traversal vulnerability in Google Chrome
Inappropriate implementation in Web Share API in Google Chrome on Windows prior to 100.0.4896.60 allowed an attacker on the local network segment to leak cross-origin data via a crafted HTML page.
network
low complexity
google CWE-22
6.5
2022-07-22 CVE-2022-2139 Path Traversal vulnerability in Advantech Iview
The affected product is vulnerable to directory traversal, which may allow an attacker to access unauthorized files and execute arbitrary code.
network
low complexity
advantech CWE-22
critical
9.8
2022-07-21 CVE-2022-31475 Path Traversal vulnerability in Givewp
Authenticated (custom plugin role) Arbitrary File Read via Export function vulnerability in GiveWP's GiveWP plugin <= 2.20.2 at WordPress.
network
low complexity
givewp CWE-22
4.9
2022-07-21 CVE-2022-0902 Path Traversal vulnerability in ABB products
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in flow computer and remote controller products of ABB ( RMC-100 (Standard), RMC-100-LITE, XIO, XFCG5 , XRCG5 , uFLOG5 , UDC) allows an attacker who successfully exploited this vulnerability could insert and run arbitrary code in an affected system node.
network
low complexity
abb CWE-22
critical
9.8
2022-07-20 CVE-2022-29834 Path Traversal vulnerability in Iconics Genesis64 10.97/10.97.1
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ICONICS GENESIS64 versions 10.97 to 10.97.1 allows a remote unauthenticated attacker to access to arbitrary files in the GENESIS64 server and disclose information stored in the files by embedding a malicious URL parameter in the URL of the monitoring screen delivered to the GENESIS64 mobile monitoring application and accessing the monitoring screen.
network
low complexity
iconics CWE-22
7.5
2022-07-20 CVE-2022-24659 Path Traversal vulnerability in Goldshell Miner Firmware
Goldshell ASIC Miners v2.2.1 and below was discovered to contain a path traversal vulnerability which allows unauthenticated attackers to retrieve arbitrary files from the device.
network
low complexity
goldshell CWE-22
7.5
2022-07-19 CVE-2022-30301 Path Traversal vulnerability in Fortinet Fortiap-U
A path traversal vulnerability [CWE-22] in FortiAP-U CLI 6.2.0 through 6.2.3, 6.0.0 through 6.0.4, 5.4.0 through 5.4.6 may allow an admin user to delete and access unauthorized files and data via specifically crafted CLI commands.
local
low complexity
fortinet CWE-22
6.7