Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-15 | CVE-2022-25178 | Path Traversal vulnerability in Jenkins Pipeline:Shared Groovy Libraries Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier does not restrict the names of resources passed to the libraryResource step, allowing attackers able to configure Pipelines permission to read arbitrary files on the Jenkins controller file system. | 6.5 |
| 2022-02-15 | CVE-2022-25188 | Path Traversal vulnerability in Jenkins Fortify Jenkins Fortify Plugin 20.2.34 and earlier does not sanitize the appName and appVersion parameters of its Pipeline steps, allowing attackers with Item/Configure permission to write or overwrite .xml files on the Jenkins controller file system with content not controllable by the attacker. | 4.3 |
| 2022-02-15 | CVE-2021-43734 | Path Traversal vulnerability in Keking Kkfileview 4.0.0 kkFileview v4.0.0 has arbitrary file read through a directory traversal vulnerability which may lead to sensitive file leak on related host. | 7.5 |
| 2022-02-14 | CVE-2022-24977 | Path Traversal vulnerability in Impresscms ImpressCMS before 1.4.2 allows unauthenticated remote code execution via ...../// directory traversal in origName or imageName, leading to unsafe interaction with the CKEditor processImage.php script. | 9.8 |
| 2022-02-11 | CVE-2020-14523 | Path Traversal vulnerability in Mitsubishielectric products Multiple Mitsubishi Electric Factory Automation products have a vulnerability that allows an attacker to execute arbitrary code. | 9.8 |
| 2022-02-11 | CVE-2021-44111 | Path Traversal vulnerability in S-Cart A Directory Traversal vulnerability exists in S-Cart 6.7 via download in sc-admin/backup. | 4.4 |
| 2022-02-10 | CVE-2022-24647 | Path Traversal vulnerability in Cuppacms 1.0 Cuppa CMS v1.0 was discovered to contain an arbitrary file deletion vulnerability via the unlink() function. | 8.1 |
| 2022-02-09 | CVE-2021-45286 | Path Traversal vulnerability in Zzcms 2021 Directory Traversal vulnerability exists in ZZCMS 2021 via the skin parameter in 1) index.php, 2) bottom.php, and 3) top_index.php. | 5.3 |
| 2022-02-08 | CVE-2022-21193 | Path Traversal vulnerability in Dounokouno Transmitmail 2.5.0/2.6.0/2.6.1 Directory traversal vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to obtain an arbitrary file on the server via unspecified vectors. | 7.5 |
| 2022-02-07 | CVE-2022-22931 | Path Traversal vulnerability in Apache James 3.6.1 Fix of CVE-2021-40525 do not prepend delimiters upon valid directory validations. | 4.3 |