Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-27 | CVE-2022-36889 | Path Traversal vulnerability in Jenkins Deployer Framework Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and earlier does not restrict the application path of the applications when configuring a deployment, allowing attackers with Item/Configure permission to upload arbitrary files from the Jenkins controller file system to the selected service. | 8.8 |
| 2022-07-27 | CVE-2022-36890 | Path Traversal vulnerability in Jenkins Deployer Framework Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and earlier does not restrict the name of files in methods implementing form validation, allowing attackers with Item/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. | 4.3 |
| 2022-07-27 | CVE-2022-34551 | Path Traversal vulnerability in Sims Project Sims 1.0 Sims v1.0 was discovered to allow path traversal when downloading attachments. | 6.5 |
| 2022-07-26 | CVE-2022-1648 | Path Traversal vulnerability in Pandorafms Pandora FMS Pandora FMS v7.0NG.760 and below allows a relative path traversal in File Manager where a privileged user could upload a .php file outside the intended images directory which is restricted to execute the .php file. | 7.2 |
| 2022-07-25 | CVE-2022-24992 | Path Traversal vulnerability in QR Code Generator Project QR Code Generator A vulnerability in the component process.php of QR Code Generator v5.2.7 allows attackers to perform directory traversal. | 7.5 |
| 2022-07-25 | CVE-2020-7649 | Path Traversal vulnerability in Snyk Broker This affects the package snyk-broker before 4.73.0. | 4.9 |
| 2022-07-25 | CVE-2017-20145 | Path Traversal vulnerability in Tecrail Responsive Filemanager A vulnerability was found in Tecrail Responsive Filemanger up to 9.10.x and classified as critical. | 9.8 |
| 2022-07-23 | CVE-2022-1128 | Path Traversal vulnerability in Google Chrome Inappropriate implementation in Web Share API in Google Chrome on Windows prior to 100.0.4896.60 allowed an attacker on the local network segment to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2022-07-22 | CVE-2022-2139 | Path Traversal vulnerability in Advantech Iview The affected product is vulnerable to directory traversal, which may allow an attacker to access unauthorized files and execute arbitrary code. | 9.8 |
| 2022-07-21 | CVE-2022-31475 | Path Traversal vulnerability in Givewp Authenticated (custom plugin role) Arbitrary File Read via Export function vulnerability in GiveWP's GiveWP plugin <= 2.20.2 at WordPress. | 4.9 |