Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-15 | CVE-2024-7263 | Path Traversal vulnerability in Kingsoft WPS Office Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.17115 (exclusive) on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.1.0.17119 to mitigate CVE-2024-7262 was not restrictive enough. | 7.8 |
| 2024-08-15 | CVE-2024-42680 | Path Traversal vulnerability in Cysoft168 Super Easy Enterprise Management System An issue in Super easy enterprise management system v.1.0.0 and before allows a local attacker to obtain the server absolute path by entering a single quotation mark. | 5.5 |
| 2024-08-14 | CVE-2024-27120 | Path Traversal vulnerability in Celsiusbenelux Comfortkey A Local File Inclusion vulnerability has been found in ComfortKey, a product of Celsius Benelux. | 7.5 |
| 2024-08-14 | CVE-2024-39399 | Path Traversal vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. | 7.7 |
| 2024-08-14 | CVE-2024-39406 | Path Traversal vulnerability in Adobe Commerce Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. | 6.8 |
| 2024-08-14 | CVE-2024-38652 | Path Traversal vulnerability in Ivanti Avalanche Path traversal in the skin management component of Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to achieve denial of service via arbitrary file deletion. | 9.1 |
| 2024-08-13 | CVE-2024-7741 | Path Traversal vulnerability in Ltcms 1.0.20 A vulnerability was found in wanglongcn ltcms 1.0.20 and classified as critical. | 5.3 |
| 2024-08-13 | CVE-2024-7738 | Path Traversal vulnerability in Yzane Markdown PDF 1.5.0 A vulnerability, which was classified as problematic, has been found in yzane vscode-markdown-pdf 1.5.0. | 7.8 |
| 2024-08-13 | CVE-2024-43138 | Path Traversal vulnerability in Mage-People Event Manager and Tickets Selling for Woocommerce Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in MagePeople Team Event Manager for WooCommerce allows PHP Local File Inclusion.This issue affects Event Manager for WooCommerce: from n/a through 4.2.1. | 8.8 |
| 2024-08-13 | CVE-2024-43140 | Path Traversal vulnerability in G5Plus Ultimate Bootstrap Elements for Elementor Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in G5Theme Ultimate Bootstrap Elements for Elementor allows PHP Local File Inclusion.This issue affects Ultimate Bootstrap Elements for Elementor: from n/a through 1.4.4. | 8.8 |