Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-28 | CVE-2021-24689 | Path Traversal vulnerability in Wpeverest Contact Form The Contact Forms - Drag & Drop Contact Form Builder WordPress plugin through 1.0.5 allows high privilege users to download arbitrary files from the web server via a path traversal attack | 4.9 |
| 2022-02-24 | CVE-2021-44665 | Path Traversal vulnerability in Xerte A Directory Traversal vulnerability exists in the Xerte Project Xerte through 3.10.3 when downloading a project file via download.php. | 6.5 |
| 2022-02-24 | CVE-2022-23135 | Path Traversal vulnerability in ZTE Zxhn F477 Firmware and Zxhn F677 Firmware There is a directory traversal vulnerability in some home gateway products of ZTE. | 6.5 |
| 2022-02-24 | CVE-2022-22349 | Path Traversal vulnerability in IBM Sterling External Authentication Server 3.4.3.2/6.0.2.0/6.0.3.0 IBM Sterling External Authentication Server 3.4.3.2, 6.0.2.0, and 6.0.3.0 is vulnerable to path traversals, due to not properly validating RESTAPI configuration data. | 4.3 |
| 2022-02-24 | CVE-2020-27467 | Path Traversal vulnerability in Processwire A Directory Traversal vulnerability exits in Processwire CMS before 2.7.1 via the download parameter to index.php. | 7.5 |
| 2022-02-24 | CVE-2021-45746 | Path Traversal vulnerability in Webank Wecube 3.2.1 A Directory Traversal vulnerability exists in WeBankPartners wecube-platform 3.2.1 via the file variable in PluginPackageController.java. | 7.5 |
| 2022-02-21 | CVE-2021-27753 | Path Traversal vulnerability in Hcltech HCL Sametime "Sametime Android PathTraversal Vulnerability" | 5.5 |
| 2022-02-21 | CVE-2021-27755 | Path Traversal vulnerability in Hcltech HCL Sametime "Sametime Android potential path traversal vulnerability when using File class" | 5.5 |
| 2022-02-18 | CVE-2022-25358 | Path Traversal vulnerability in Awful-Salmonella-Tar Project Awful-Salmonella-Tar 0.0.2/0.0.3 A ..%2F path traversal vulnerability exists in the path handler of awful-salmonella-tar before 0.0.4. | 5.3 |
| 2022-02-18 | CVE-2021-40841 | Path Traversal vulnerability in Liveconfig A Path Traversal vulnerability for a log file in LiveConfig 2.12.2 allows authenticated attackers to read files on the underlying server. | 6.5 |