Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-25 | CVE-2022-41158 | Path Traversal vulnerability in Eyoom Builder Remote code execution vulnerability can be achieved by using cookie values as paths to a file by this builder program. | 9.8 |
| 2022-11-25 | CVE-2022-41712 | Path Traversal vulnerability in Frappe 14.10.0 Frappe version 14.10.0 allows an external attacker to remotely obtain arbitrary local files. | 6.5 |
| 2022-11-24 | CVE-2022-44748 | Path Traversal vulnerability in Knime Server 4.12.5/4.13.3/4.13.4 A directory traversal vulnerability in the ZIP archive extraction routines of KNIME Server since 4.3.0 can result in arbitrary files being overwritten on the server's file system. | 7.5 |
| 2022-11-24 | CVE-2022-44749 | Path Traversal vulnerability in Knime Analytics Platform A directory traversal vulnerability in the ZIP archive extraction routines of KNIME Analytics Platform 3.2.0 and above can result in arbitrary files being overwritten on the user's system. | 7.0 |
| 2022-11-23 | CVE-2022-45866 | Path Traversal vulnerability in multiple products qpress before PierreLvx/qpress 20220819 and before version 11.3, as used in Percona XtraBackup and other products, allows directory traversal via ../ in a .qp file. | 5.3 |
| 2022-11-23 | CVE-2022-44280 | Path Traversal vulnerability in Automotive Shop Management System Project Automotive Shop Management System 1.0 Automotive Shop Management System v1.0 is vulnerable to Delete any file via /asms/classes/Master.php?f=delete_img. | 6.5 |
| 2022-11-18 | CVE-2022-41840 | Path Traversal vulnerability in Welcart E-Commerce Unauth. | 9.8 |
| 2022-11-17 | CVE-2022-39178 | Path Traversal vulnerability in Webvendome Project Webvendome 1.0 Webvendome - webvendome Internal Server IP Disclosure. Send GET Request to the request which is shown in the picture. Internal Server IP and Full path disclosure. | 5.3 |
| 2022-11-17 | CVE-2022-42892 | Path Traversal vulnerability in Siemens Syngo Dynamics Cardiovascular Imaging and Information System A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). | 5.3 |
| 2022-11-16 | CVE-2022-44006 | Path Traversal vulnerability in Backclick 5.9.63 An issue was discovered in BACKCLICK Professional 5.9.63. | 9.8 |