Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2022-07-11 CVE-2022-31574 Path Traversal vulnerability in Realestate Project Realestate 20181130
The deepaliupadhyay/RealEstate repository through 2018-11-30 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
realestate-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31575 Path Traversal vulnerability in Livro Python Project Livro Python 20180606
The duducosmos/livro_python repository through 2018-06-06 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
livro-python-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31576 Path Traversal vulnerability in Shackerpanel Project Shackerpanel 20210525
The heidi-luong1109/shackerpanel repository through 2021-05-25 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
shackerpanel-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31577 Path Traversal vulnerability in Audio Aligner APP Project Audio Aligner APP 20200110
The longmaoteamtf/audio_aligner_app repository through 2020-01-10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
audio-aligner-app-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31578 Path Traversal vulnerability in BT Lnmp Project BT Lnmp 20191010
The piaoyunsoft/bt_lnmp repository through 2019-10-10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
bt-lnmp-project CWE-22
7.5
7.5
2022-07-11 CVE-2022-31579 Path Traversal vulnerability in Iasset Project Iasset 20220504
The ralphjzhang/iasset repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
iasset-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31580 Path Traversal vulnerability in Caretakerr-Api Project Caretakerr-Api 20210517
The sanojtharindu/caretakerr-api repository through 2021-05-17 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
caretakerr-api-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31581 Path Traversal vulnerability in Scorelab Openmf
The scorelab/OpenMF repository before 2022-05-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
scorelab CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31582 Path Traversal vulnerability in Videoserver Project Videoserver 20190921
The shaolo1/VideoServer repository through 2019-09-21 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
videoserver-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31583 Path Traversal vulnerability in Automatedquizeval Project Automatedquizeval 20200427
The sravaniboinepelli/AutomatedQuizEval repository through 2020-04-27 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
automatedquizeval-project CWE-22
critical
 9.3
9.3