Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-19 | CVE-2024-7927 | Path Traversal vulnerability in Zzcms 2023 A vulnerability classified as critical was found in ZZCMS 2023. | 7.5 |
| 2024-08-19 | CVE-2024-43248 | Path Traversal vulnerability in Bitapps BIT Form Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Bit Apps Bit Form Pro allows File Manipulation.This issue affects Bit Form Pro: from n/a through 2.6.4. | 9.1 |
| 2024-08-19 | CVE-2024-7924 | Path Traversal vulnerability in Zzcms 2023 A vulnerability was found in ZZCMS 2023. | 7.5 |
| 2024-08-19 | CVE-2024-43399 | Path Traversal vulnerability in Opensecurity Mobile Security Framework Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. | 9.8 |
| 2024-08-16 | CVE-2024-7145 | Path Traversal vulnerability in Crocoblock Jetelements The JetElements plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.6.20 via the 'progress_type' parameter. | 8.8 |
| 2024-08-15 | CVE-2024-43373 | Path Traversal vulnerability in J4K0Xb Webcrack webcrack is a tool for reverse engineering javascript. | 7.8 |
| 2024-08-15 | CVE-2024-7262 | Path Traversal vulnerability in Kingsoft WPS Office Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.16412 (exclusive) on Windows allows an attacker to load an arbitrary Windows library. The vulnerability was found weaponized as a single-click exploit in the form of a deceptive spreadsheet document | 7.8 |
| 2024-08-15 | CVE-2024-7263 | Path Traversal vulnerability in Kingsoft WPS Office Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.17115 (exclusive) on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.1.0.17119 to mitigate CVE-2024-7262 was not restrictive enough. | 7.8 |
| 2024-08-15 | CVE-2024-42680 | Path Traversal vulnerability in Cysoft168 Super Easy Enterprise Management System An issue in Super easy enterprise management system v.1.0.0 and before allows a local attacker to obtain the server absolute path by entering a single quotation mark. | 5.5 |
| 2024-08-14 | CVE-2024-27120 | Path Traversal vulnerability in Celsiusbenelux Comfortkey A Local File Inclusion vulnerability has been found in ComfortKey, a product of Celsius Benelux. | 7.5 |