Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-29 | CVE-2024-8304 | Path Traversal vulnerability in Jpress A vulnerability has been found in jpress up to 5.1.1 and classified as critical. | 4.9 |
| 2024-08-29 | CVE-2024-45436 | Path Traversal vulnerability in Ollama extractFromZipFile in model.go in Ollama before 0.1.47 can extract members of a ZIP archive outside of the parent directory. | 7.5 |
| 2024-08-28 | CVE-2024-44761 | Path Traversal vulnerability in Gzequan EQ Enterprise Management System An issue in EQ Enterprise Management System before v2.0.0 allows attackers to execute a directory traversal via crafted requests. | 9.8 |
| 2024-08-28 | CVE-2024-7744 | Path Traversal vulnerability in Progress WS FTP Server In WS_FTP Server versions before 8.8.8 (2022.0.8), an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Web Transfer Module allows File Discovery, Probe System Files, User-Controlled Filename, Path Traversal. An authenticated file download flaw has been identified where a user can craft an API call that allows them to download a file from an arbitrary folder on the drive where that user host's root folder is located (by default this is C:) | 6.5 |
| 2024-08-28 | CVE-2023-26321 | Path Traversal vulnerability in MI File Manager 1210567 A path traversal vulnerability exists in the Xiaomi File Manager application product(international version). | 9.8 |
| 2024-08-28 | CVE-2024-4556 | Path Traversal vulnerability in Microfocus Netiq Access Manager 5.0.2 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText NetIQ Access Manager allows access the sensitive information. This issue affects NetIQ Access Manager before 5.0.4 and before 5.1. | 7.5 |
| 2024-08-28 | CVE-2024-6312 | Path Traversal vulnerability in Funnelforms Free The Funnelforms Free plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 3.7.3.2 via the 'af2DeleteFontFile' function. | 6.5 |
| 2024-08-27 | CVE-2024-3980 | Path Traversal vulnerability in Hitachienergy Microscada PRO Sys600 and Microscada X Sys600 The MicroSCADA Pro/X SYS600 product allows an authenticated user input to control or influence paths or file names that are used in filesystem operations. | 8.8 |
| 2024-08-27 | CVE-2024-6789 | Path Traversal vulnerability in M-Files Server A path traversal issue in API endpoint in M-Files Server before version 24.8.13981.0 and LTS 24.2.13421.15 SR2 and LTS 23.8.12892.0 SR6 allows authenticated user to read files | 6.5 |
| 2024-08-26 | CVE-2024-8165 | Path Traversal vulnerability in Beikeshop A vulnerability, which was classified as problematic, was found in Chengdu Everbrite Network Technology BeikeShop up to 1.5.5. | 6.5 |