Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-02 | CVE-2021-43070 | Path Traversal vulnerability in Fortinet Fortiwlm Multiple relative path traversal vulnerabilities [CWE-23] in FortiWLM management interface 8.6.2 and below, 8.5.2 and below, 8.4.2 and below, 8.3.3 and below, 8.2.2 may allow an authenticated attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests. | 6.5 |
| 2022-03-02 | CVE-2022-25634 | Path Traversal vulnerability in QT Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory. | 7.5 |
| 2022-03-01 | CVE-2021-42767 | Path Traversal vulnerability in Neo4J Awesome Procedures 4.2.0.0/4.3.0.0/4.4.0.0 A directory traversal vulnerability in the apoc plugins in Neo4J Graph database before 4.4.0.1 allows attackers to read local files, and sometimes create local files. | 9.1 |
| 2022-02-28 | CVE-2022-25412 | Path Traversal vulnerability in Max-3000 Maxsite CMS 108 Maxsite CMS v180 was discovered to contain multiple arbitrary file deletion vulnerabilities in /admin_page/all-files-update-ajax.php via the dir and deletefile parameters. | 8.1 |
| 2022-02-28 | CVE-2022-26315 | Path Traversal vulnerability in Qrcp Project Qrcp qrcp through 0.8.4, in receive mode, allows ../ Directory Traversal via the file name specified by the uploader. | 5.3 |
| 2022-02-28 | CVE-2021-24689 | Path Traversal vulnerability in Wpeverest Contact Form The Contact Forms - Drag & Drop Contact Form Builder WordPress plugin through 1.0.5 allows high privilege users to download arbitrary files from the web server via a path traversal attack | 4.9 |
| 2022-02-24 | CVE-2021-44665 | Path Traversal vulnerability in Xerte A Directory Traversal vulnerability exists in the Xerte Project Xerte through 3.10.3 when downloading a project file via download.php. | 6.5 |
| 2022-02-24 | CVE-2022-23135 | Path Traversal vulnerability in ZTE Zxhn F477 Firmware and Zxhn F677 Firmware There is a directory traversal vulnerability in some home gateway products of ZTE. | 6.5 |
| 2022-02-24 | CVE-2022-22349 | Path Traversal vulnerability in IBM Sterling External Authentication Server 3.4.3.2/6.0.2.0/6.0.3.0 IBM Sterling External Authentication Server 3.4.3.2, 6.0.2.0, and 6.0.3.0 is vulnerable to path traversals, due to not properly validating RESTAPI configuration data. | 4.3 |
| 2022-02-24 | CVE-2020-27467 | Path Traversal vulnerability in Processwire A Directory Traversal vulnerability exits in Processwire CMS before 2.7.1 via the download parameter to index.php. | 7.5 |