Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-17 | CVE-2022-22914 | Path Traversal vulnerability in Ovidentia 6.0.0 An incorrect access control issue in the component FileManager of Ovidentia CMS 6.0 allows authenticated attackers to to view and download content in the upload directory via path traversal. | 7.5 |
| 2022-02-16 | CVE-2022-24983 | Path Traversal vulnerability in Jqueryform Forms generated by JQueryForm.com before 2022-02-05 allow remote attackers to obtain the URI to any uploaded file by capturing the POST response. | 7.5 |
| 2022-02-15 | CVE-2021-35380 | Path Traversal vulnerability in Solari Termtalk Server 3.24.0.2 A Directory Traversal vulnerability exists in Solari di Udine TermTalk Server (TTServer) 3.24.0.2, which lets an unauthenticated malicious user gain access to the files on the remote system by gaining access to the relative path of the file they want to download (http://url:port/file?valore). | 7.5 |
| 2022-02-15 | CVE-2022-25178 | Path Traversal vulnerability in Jenkins Pipeline:Shared Groovy Libraries Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier does not restrict the names of resources passed to the libraryResource step, allowing attackers able to configure Pipelines permission to read arbitrary files on the Jenkins controller file system. | 6.5 |
| 2022-02-15 | CVE-2022-25188 | Path Traversal vulnerability in Jenkins Fortify Jenkins Fortify Plugin 20.2.34 and earlier does not sanitize the appName and appVersion parameters of its Pipeline steps, allowing attackers with Item/Configure permission to write or overwrite .xml files on the Jenkins controller file system with content not controllable by the attacker. | 4.3 |
| 2022-02-15 | CVE-2021-43734 | Path Traversal vulnerability in Keking Kkfileview 4.0.0 kkFileview v4.0.0 has arbitrary file read through a directory traversal vulnerability which may lead to sensitive file leak on related host. | 7.5 |
| 2022-02-14 | CVE-2022-24977 | Path Traversal vulnerability in Impresscms ImpressCMS before 1.4.2 allows unauthenticated remote code execution via ...../// directory traversal in origName or imageName, leading to unsafe interaction with the CKEditor processImage.php script. | 9.8 |
| 2022-02-11 | CVE-2020-14523 | Path Traversal vulnerability in Mitsubishielectric products Multiple Mitsubishi Electric Factory Automation products have a vulnerability that allows an attacker to execute arbitrary code. | 9.8 |
| 2022-02-11 | CVE-2021-44111 | Path Traversal vulnerability in S-Cart A Directory Traversal vulnerability exists in S-Cart 6.7 via download in sc-admin/backup. | 4.4 |
| 2022-02-10 | CVE-2022-24647 | Path Traversal vulnerability in Cuppacms 1.0 Cuppa CMS v1.0 was discovered to contain an arbitrary file deletion vulnerability via the unlink() function. | 8.1 |