Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-02 | CVE-2022-28451 | Path Traversal vulnerability in Nopcommerce 4.50.1 nopCommerce 4.50.1 is vulnerable to Directory Traversal via the backup file in the Maintenance feature. | 7.5 |
| 2022-05-01 | CVE-2022-25842 | Path Traversal vulnerability in Alibabagroup One-Java-Agent All versions of package com.alibaba.oneagent:one-java-agent-plugin are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) using a specially crafted archive that holds directory traversal filenames (e.g. | 9.8 |
| 2022-05-01 | CVE-2022-26068 | Path Traversal vulnerability in Pistache Project Pistache This affects the package pistacheio/pistache before 0.0.3.20220425. | 7.5 |
| 2022-04-29 | CVE-2022-29967 | Path Traversal vulnerability in Glewlwyd Project Glewlwyd static_compressed_inmemory_website_callback.c in Glewlwyd through 2.6.2 allows directory traversal. | 7.5 |
| 2022-04-28 | CVE-2022-29081 | Path Traversal vulnerability in Zohocorp products Zoho ManageEngine Access Manager Plus before 4302, Password Manager Pro before 12007, and PAM360 before 5401 are vulnerable to access-control bypass on a few Rest API URLs (for SSOutAction. | 9.8 |
| 2022-04-27 | CVE-2021-46420 | Path Traversal vulnerability in Franklinfueling Ts-550 EVO Firmware 2.23.4.8936 Franklin Fueling Systems FFS TS-550 evo 2.23.4.8936 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information. | 7.5 |
| 2022-04-27 | CVE-2021-46421 | Path Traversal vulnerability in Franklinfueling Ts-550 EVO Firmware 1.8.7.7299 Franklin Fueling Systems FFS T5 Series 1.8.7.7299 is affected by an unauthenticated directory traversal vulnerability, which allows an attacker to obtain sensitive information. | 7.5 |
| 2022-04-26 | CVE-2022-28058 | Path Traversal vulnerability in Verydows 2.0 Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\file_controller.php. | 8.1 |
| 2022-04-26 | CVE-2022-28059 | Path Traversal vulnerability in Verydows 2.0 Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\database_controller.php. | 8.1 |
| 2022-04-26 | CVE-2022-28523 | Path Traversal vulnerability in Hongcms Project Hongcms 3.0.0 HongCMS 3.0.0 allows arbitrary file deletion via the component /admin/index.php/template/ajax?action=delete. | 8.1 |