Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | ATTACK COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2022-04-26 | CVE-2022-28527 | Path Traversal vulnerability in Dhcms Project Dhcms 20170919 | dhcms v20170919 was discovered to contain an arbitrary folder deletion vulnerability via /admin.php?r=admin/AdminBackup/del. | network | low complexity | dhcms-project | CWE-22 | 8.1 |
| 2022-04-26 | CVE-2021-26629 | Path Traversal vulnerability in Tobesoft Xplatform | A path traversal vulnerability in XPLATFORM's runtime archive function could lead to arbitrary file creation. | network | low complexity | tobesoft | CWE-22 | 8.8 |
| 2022-04-26 | CVE-2022-29806 | Path Traversal vulnerability in Zoneminder | ZoneMinder before 1.36.13 allows remote code execution via an invalid language. | network | low complexity | zoneminder | CWE-22 | critical 9.8 |
| 2022-04-25 | CVE-2021-35250 | Path Traversal vulnerability in Solarwinds Serv-U 15.3 | A researcher reported a Directory Traversal Vulnerability in Serv-U 15.3. | network | low complexity | solarwinds | CWE-22 | 7.5 |
| 2022-04-25 | CVE-2021-40680 | Path Traversal vulnerability in Articatech web Proxy 4.30.000000 | There is a Directory Traversal vulnerability in Artica Proxy (4.30.000000 SP206 through SP255, and VMware appliance 4.30.000000 through SP273) via the filename parameter to /cgi-bin/main.cgi. | network | low complexity | articatech | CWE-22 | 8.1 |
| 2022-04-21 | CVE-2022-24424 | Path Traversal vulnerability in Dell EMC Appsync 3.9.0.0/4.2.0.0/4.3.0.0 | Dell EMC AppSync versions from 3.9 to 4.3 contain a path traversal vulnerability in AppSync server. | network | low complexity | dell | CWE-22 | 7.5 |
| 2022-04-21 | CVE-2022-28444 | Path Traversal vulnerability in Ucms Project Ucms 1.6 | UCMS v1.6 was discovered to contain an arbitrary file read vulnerability. | network | low complexity | ucms-project | CWE-22 | 7.5 |
| 2022-04-21 | CVE-2022-20790 | Path Traversal vulnerability in Cisco Unified Communications Manager | A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to read arbitrary files from the underlying operating system. | network | low complexity | cisco | CWE-22 | 6.5 |
| 2022-04-21 | CVE-2022-27925 | Path Traversal vulnerability in Zimbra Collaboration 8.8.15/9.0.0 | Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. | network | low complexity | zimbra | CWE-22 | 7.2 |
| 2022-04-19 | CVE-2022-1119 | Path Traversal vulnerability in Simplefilelist Simple-File-List | The Simple File List WordPress plugin is vulnerable to Arbitrary File Download via the eeFile parameter found in the ~/includes/ee-downloader.php file due to missing controls, which makes it possible for unauthenticated attackers to supply a path to a file that will subsequently be downloaded, in versions up to and including 3.2.7. | network | low complexity | simplefilelist | CWE-22 | 7.5 |