Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2022-10-03 CVE-2022-40123 Path Traversal vulnerability in Mojoportal 2.7.0.0
mojoPortal v2.7 was discovered to contain a path traversal vulnerability via the "f" parameter at /DesignTools/CssEditor.aspx.
network
low complexity
mojoportal CWE-22
6.5
2022-09-30 CVE-2022-34429 Path Traversal vulnerability in Dell Hybrid Client
Dell Hybrid Client below 1.8 version contains a Zip Slip Vulnerability in UI.
local
low complexity
dell CWE-22
7.1
2022-09-30 CVE-2022-20775 Path Traversal vulnerability in Cisco products
Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges.
local
low complexity
cisco CWE-22
7.8
2022-09-30 CVE-2022-20818 Path Traversal vulnerability in Cisco products
Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges.
local
low complexity
cisco CWE-22
7.8
2022-09-30 CVE-2021-33354 Path Traversal vulnerability in Htmly
Directory Traversal vulnerability in htmly before 2.8.1 allows remote attackers to perform arbitrary file deletions via modified file parameter.
network
low complexity
htmly CWE-22
8.1
2022-09-30 CVE-2022-2922 Path Traversal vulnerability in Dnnsoftware Dotnetnuke
Relative Path Traversal in GitHub repository dnnsoftware/dnn.platform prior to 9.11.0.
network
low complexity
dnnsoftware CWE-22
4.9
2022-09-28 CVE-2022-39261 Path Traversal vulnerability in multiple products
Twig is a template language for PHP.
network
low complexity
symfony drupal fedoraproject debian CWE-22
7.5
2022-09-28 CVE-2022-40082 Path Traversal vulnerability in Cloudwego Hertz 0.3.0
Hertz v0.3.0 ws discovered to contain a path traversal vulnerability via the normalizePath function.
network
low complexity
cloudwego CWE-22
7.5
2022-09-27 CVE-2022-40199 Path Traversal vulnerability in Ec-Cube
Directory traversal vulnerability in EC-CUBE 3 series (EC-CUBE 3.0.0 to 3.0.18-p4 ) and EC-CUBE 4 series (EC-CUBE 4.0.0 to 4.1.2) allows a remote authenticated attacker with an administrative privilege to obtain the product's directory structure information.
network
low complexity
ec-cube CWE-22
2.7
2022-09-26 CVE-2022-41352 Path Traversal vulnerability in Zimbra Collaboration 8.8.15/9.0.0
An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0.
network
low complexity
zimbra CWE-22
critical
9.8