VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-03-24
CVE-2025-2708
A vulnerability, which was classified as critical, was found in zhijiantianya ruoyi-vue-pro 2.4.1.
network
low complexity
CWE-22
5.4
5.4
2025-03-24
CVE-2025-2707
A vulnerability, which was classified as critical, has been found in zhijiantianya ruoyi-vue-pro 2.4.1.
network
low complexity
CWE-22
5.4
5.4
2025-03-22
CVE-2025-1973
The Export and Import Users and Customers plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.6.2 via the download_file() function.
network
low complexity
CWE-22
4.9
4.9
2025-03-21
CVE-2025-30343
Path Traversal vulnerability in Openslides 3.2
A directory traversal issue was discovered in OpenSlides before 4.2.5.
network
low complexity
openslides
CWE-22
6.5
6.5
2025-03-20
CVE-2024-13920
Path Traversal vulnerability in Webtoffee Order Export & Order Import for Woocommerce
The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.6.0 via the download_file() function.
network
low complexity
webtoffee
CWE-22
4.9
4.9
2025-03-20
CVE-2024-8769
Path Traversal vulnerability in Aimstack AIM
A vulnerability in the `LockManager.release_locks` function in aimhubio/aim (commit bb76afe) allows for arbitrary file deletion through relative path traversal.
network
low complexity
aimstack
CWE-22
critical
9.1
9.1
2025-03-20
CVE-2025-2505
The Age Gate plugin for WordPress is vulnerable to Local PHP File Inclusion in all versions up to, and including, 3.5.3 via the 'lang' parameter.
network
low complexity
CWE-22
critical
9.8
9.8
2025-03-20
CVE-2025-1770
The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.0.24 via the 'style' parameter.
network
low complexity
CWE-22
8.8
8.8
2025-03-19
CVE-2024-7631
A flaw was found in the OpenShift Console, an endpoint for plugins to serve resources in multiple languages: /locales/resources.json.
network
low complexity
CWE-22
4.3
4.3
2025-03-18
CVE-2025-0694
Insufficient path validation in CODESYS Control allows low privileged attackers with physical access to gain full filesystem access.
low complexity
CWE-22
6.6
6.6
«
Previous
1
2
(current)
3
4
5
...
372
373
»
Next