Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-21 | CVE-2022-31268 | Path Traversal vulnerability in Gitblit 1.9.3 A Path Traversal vulnerability in Gitblit 1.9.3 can lead to reading website files via /resources//../ (e.g., followed by a WEB-INF or META-INF pathname). | 7.5 |
| 2022-05-17 | CVE-2022-1359 | Path Traversal vulnerability in Cambiumnetworks Cnmaestro 2.4.2/3.0.0/3.0.3 The affected On-Premise cnMaestro is vulnerable to an arbitrary file-write through improper limitation of a pathname to a restricted directory inside a specific route. | 7.5 |
| 2022-05-17 | CVE-2022-29332 | Path Traversal vulnerability in Dlink Dir-825 Firmware 2022.01.1313.48 D-LINK DIR-825 AC1200 R2 is vulnerable to Directory Traversal. | 6.5 |
| 2022-05-17 | CVE-2021-42643 | Path Traversal vulnerability in Cmseasy 7.7.520211012 cmseasy V7.7.5_20211012 is affected by an arbitrary file write vulnerability. | 8.8 |
| 2022-05-16 | CVE-2022-1721 | Path Traversal vulnerability in Diagrams Drawio Path Traversal in WellKnownServlet in GitHub repository jgraph/drawio prior to 18.0.5. | 7.5 |
| 2022-05-14 | CVE-2022-24830 | Path Traversal vulnerability in Openclinica 3.14/3.16/3.16.1 OpenClinica is an open source software for Electronic Data Capture (EDC) and Clinical Data Management (CDM). | 9.8 |
| 2022-05-13 | CVE-2022-25591 | Path Traversal vulnerability in Blogengine Blogengine.Net 3.3.8.0 BlogEngine.NET v3.3.8.0 was discovered to contain an arbitrary file deletion vulnerability which allows attackers to delete files within the web server root directory via a crafted HTTP request. | 9.1 |
| 2022-05-12 | CVE-2022-23166 | Path Traversal vulnerability in Sysaid Sysaid – Sysaid Local File Inclusion (LFI) – An unauthenticated attacker can access to the system by accessing to "/lib/tinymce/examples/index.html" path. | 9.8 |
| 2022-05-12 | CVE-2022-29298 | Path Traversal vulnerability in Contec Sv-Cpt-Mc310 Firmware 6.00 SolarView Compact ver.6.00 allows attackers to access sensitive files via directory traversal. | 7.5 |
| 2022-05-11 | CVE-2022-29596 | Path Traversal vulnerability in Microstrategy Enterprise Manager 2022 MicroStrategy Enterprise Manager 2022 allows authentication bypass by triggering a login failure and then entering the Uid=/../../../../../../../../../../../windows/win.ini%00.jpg&Pwd=_any_password_&ConnMode=1&3054=Login substring for directory traversal. | 9.8 |