Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-13 | CVE-2022-25591 | Path Traversal vulnerability in Blogengine Blogengine.Net 3.3.8.0 BlogEngine.NET v3.3.8.0 was discovered to contain an arbitrary file deletion vulnerability which allows attackers to delete files within the web server root directory via a crafted HTTP request. | 9.1 |
| 2022-05-12 | CVE-2022-23166 | Path Traversal vulnerability in Sysaid Sysaid – Sysaid Local File Inclusion (LFI) – An unauthenticated attacker can access to the system by accessing to "/lib/tinymce/examples/index.html" path. | 9.8 |
| 2022-05-12 | CVE-2022-29298 | Path Traversal vulnerability in Contec Sv-Cpt-Mc310 Firmware 6.00 SolarView Compact ver.6.00 allows attackers to access sensitive files via directory traversal. | 7.5 |
| 2022-05-11 | CVE-2022-29596 | Path Traversal vulnerability in Microstrategy Enterprise Manager 2022 MicroStrategy Enterprise Manager 2022 allows authentication bypass by triggering a login failure and then entering the Uid=/../../../../../../../../../../../windows/win.ini%00.jpg&Pwd=_any_password_&ConnMode=1&3054=Login substring for directory traversal. | 9.8 |
| 2022-05-11 | CVE-2022-30058 | Path Traversal vulnerability in Shopwind Shopwind <=v3.4.2 was discovered to contain a Arbitrary File Download vulnerability via the neirong parameter at \backend\controllers\DbController.php. | 5.3 |
| 2022-05-11 | CVE-2022-30059 | Path Traversal vulnerability in Shopwind Shopwind <=v3.4.2 was discovered to contain a Arbitrary File Delete vulnerability via the neirong parameter at \backend\controllers\DbController.php. | 6.5 |
| 2022-05-11 | CVE-2022-30061 | Path Traversal vulnerability in Ftcms 2.1 ftcms <=2.1 was discovered to be vulnerable to directory traversal attacks via the parameter tp. | 6.5 |
| 2022-05-11 | CVE-2022-30062 | Path Traversal vulnerability in Ftcms 2.1 ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Read via tp.php | 6.5 |
| 2022-05-09 | CVE-2022-30333 | Path Traversal vulnerability in multiple products RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. | 7.5 |
| 2022-05-06 | CVE-2022-26889 | Path Traversal vulnerability in Splunk 8.1.0/8.1.1 In Splunk Enterprise versions before 8.1.2, the uri path to load a relative resource within a web page is vulnerable to path traversal. | 8.8 |