Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-07-05 | CVE-2022-31836 | Path Traversal vulnerability in Beego. The leafInfo.match() function in Beego v2.0.3 and below uses path.join() to deal with wildcard values, which can lead to cross-directory risk. | 9.8 |
2022-07-02 | CVE-2022-32551 | Path Traversal vulnerability in Zohocorp Manageengine Servicedesk Plus MSP 10.5/10.6. Zoho ManageEngine ServiceDesk Plus MSP before 10604 allows path traversal (to WEBINF/web.xml from sample/WEB-INF/web.xml or sample/META-INF/web.xml). | 7.5 |
2022-06-30 | CVE-2022-28127 | Path Traversal vulnerability in Robustel R1510 Firmware 3.3.0. A data removal vulnerability exists in the web_server /action/remove/ API functionality of Robustel R1510 3.3.0. | 9.1 |
2022-06-28 | CVE-2017-20105 | Path Traversal vulnerability in Simplessus 3.7.7. A vulnerability was found in Simplessus 3.7.7. | 8.1 |
2022-06-27 | CVE-2022-33116 | Path Traversal vulnerability in Openeclass. An issue in the jmpath variable in /modules/mindmap/index.php of GUnet Open eClass Platform (aka openeclass) v3.12.4 and below allows attackers to read arbitrary files via a directory traversal. | 6.5 |
2022-06-27 | CVE-2022-2106 | Path Traversal vulnerability in Smartics 2.3.4.0. Elcomplus SmartICS v2.3.4.0 does not validate the filenames sufficiently, which enables authenticated administrator-level users to perform path traversal attacks and specify arbitrary files. | 2.7 |
2022-06-27 | CVE-2017-20102 | Path Traversal vulnerability in Album Lock Project Album Lock 4.0. A vulnerability was found in Album Lock 4.0 and classified as critical. | 5.5 |
2022-06-24 | CVE-2022-29097 | Path Traversal vulnerability in Dell Wyse Management Suite. Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. | 4.9 |
2022-06-24 | CVE-2013-1891 | Path Traversal vulnerability in Opencart 1.5.5.1. In OpenCart 1.4.7 to 1.5.5.1, implemented anti-traversal code in filemanager.php is ineffective and can be bypassed. | 6.5 |
2022-06-24 | CVE-2022-2120 | Path Traversal vulnerability in Offis Dcmtk. OFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. | 9.8 |