Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-09 | CVE-2022-38638 | Path Traversal vulnerability in Casbin Casdoor 1.97.3 Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource. | 9.1 |
| 2022-09-09 | CVE-2022-38614 | Path Traversal vulnerability in Bpcbt Smartvista Cardgen 3.28.0 An issue in the IGB Files and OutfileService features of SmartVista Cardgen v3.28.0 allows attackers to list and download arbitrary files via modifying the PATH parameter. | 7.5 |
| 2022-09-09 | CVE-2022-28741 | Path Traversal vulnerability in Aenrich A+Hrd aEnrich a+HRD 5.x Learning Management Key Performance Indicator System has a local file inclusion (LFI) vulnerability that occurs due to missing input validation in v5.x | 8.1 |
| 2022-09-09 | CVE-2022-38613 | Path Traversal vulnerability in Bpcbt Smartvista Cardgen 3.28.0 A Path Traversal vulnerability in SmartVista Cardgen v3.28.0 allows authenticated attackers to read arbitrary files in the system. | 6.5 |
| 2022-09-09 | CVE-2022-36850 | Path Traversal vulnerability in Google Android 12.0 Path traversal vulnerability in CallBGProvider prior to SMR Sep-2022 Release 1 allows attacker to overwrite arbitrary file with phone uid. | 4.7 |
| 2022-09-09 | CVE-2022-37299 | Path Traversal vulnerability in Shirne CMS Project Shirne CMS 1.2.0 An issue was discovered in Shirne CMS 1.2.0. | 6.5 |
| 2022-09-08 | CVE-2022-38258 | Path Traversal vulnerability in Dlink Dir-819 Firmware 1.06 A local file inclusion (LFI) vulnerability in D-Link DIR 819 v1.06 allows attackers to cause a Denial of Service (DoS) or access sensitive server information via manipulation of the getpage parameter in a crafted web request. | 8.1 |
| 2022-09-07 | CVE-2022-36081 | Path Traversal vulnerability in Wikmd Project Wikmd Wikmd is a file based wiki that uses markdown. | 7.5 |
| 2022-09-06 | CVE-2022-36065 | Path Traversal vulnerability in Growthbook GrowthBook is an open-source platform for feature flagging and A/B testing. | 7.5 |
| 2022-09-06 | CVE-2022-29062 | Path Traversal vulnerability in Fortinet Fortisoar Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiSOAR before 7.2.1 allows an authenticated attacker to write to the underlying filesystem with nginx permissions via crafted HTTP requests. | 6.5 |