Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-02 | CVE-2022-25634 | Path Traversal vulnerability in QT Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory. | 7.5 |
| 2022-03-01 | CVE-2021-42767 | Path Traversal vulnerability in Neo4J Awesome Procedures 4.2.0.0/4.3.0.0/4.4.0.0 A directory traversal vulnerability in the apoc plugins in Neo4J Graph database before 4.4.0.1 allows attackers to read local files, and sometimes create local files. | 9.1 |
| 2022-02-28 | CVE-2022-25412 | Path Traversal vulnerability in Max-3000 Maxsite CMS 108 Maxsite CMS v180 was discovered to contain multiple arbitrary file deletion vulnerabilities in /admin_page/all-files-update-ajax.php via the dir and deletefile parameters. | 8.1 |
| 2022-02-28 | CVE-2022-26315 | Path Traversal vulnerability in Qrcp Project Qrcp qrcp through 0.8.4, in receive mode, allows ../ Directory Traversal via the file name specified by the uploader. | 5.3 |
| 2022-02-28 | CVE-2021-24689 | Path Traversal vulnerability in Wpeverest Contact Form The Contact Forms - Drag & Drop Contact Form Builder WordPress plugin through 1.0.5 allows high privilege users to download arbitrary files from the web server via a path traversal attack | 4.9 |
| 2022-02-24 | CVE-2021-44665 | Path Traversal vulnerability in Xerte A Directory Traversal vulnerability exists in the Xerte Project Xerte through 3.10.3 when downloading a project file via download.php. | 6.5 |
| 2022-02-24 | CVE-2022-23135 | Path Traversal vulnerability in ZTE Zxhn F477 Firmware and Zxhn F677 Firmware There is a directory traversal vulnerability in some home gateway products of ZTE. | 6.5 |
| 2022-02-24 | CVE-2022-22349 | Path Traversal vulnerability in IBM Sterling External Authentication Server 3.4.3.2/6.0.2.0/6.0.3.0 IBM Sterling External Authentication Server 3.4.3.2, 6.0.2.0, and 6.0.3.0 is vulnerable to path traversals, due to not properly validating RESTAPI configuration data. | 4.3 |
| 2022-02-24 | CVE-2020-27467 | Path Traversal vulnerability in Processwire A Directory Traversal vulnerability exits in Processwire CMS before 2.7.1 via the download parameter to index.php. | 7.5 |
| 2022-02-24 | CVE-2021-45746 | Path Traversal vulnerability in Webank Wecube 3.2.1 A Directory Traversal vulnerability exists in WeBankPartners wecube-platform 3.2.1 via the file variable in PluginPackageController.java. | 7.5 |