Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-26 | CVE-2024-47170 | Path Traversal vulnerability in Agnai Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. | 4.3 |
| 2024-09-26 | CVE-2024-47171 | Path Traversal vulnerability in Agnai Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. | 4.3 |
| 2024-09-26 | CVE-2024-8704 | Path Traversal vulnerability in Advancedfilemanager Advanced File Manager The Advanced File Manager plugin for WordPress is vulnerable to Local JavaScript File Inclusion in all versions up to, and including, 5.2.8 via the 'fma_locale' parameter. | 7.2 |
| 2024-09-25 | CVE-2024-8941 | Path Traversal vulnerability in Scriptcase 9.4.019 Path traversal vulnerability in Scriptcase version 9.4.019, in /scriptcase/devel/compat/nm_edit_php_edit.php (in the “subpage” parameter), which allows unauthenticated remote users to bypass SecurityManager's intended restrictions and list and/or read a parent directory via a “/...” or directly into a path used in the POST parameter “field_file” by a web application. | 5.3 |
| 2024-09-24 | CVE-2024-8671 | Path Traversal vulnerability in Exthemes Wooevents The WooEvents - Calendar and Event Booking plugin for WordPress is vulnerable to arbitrary file overwrite due to insufficient file path validation in the inc/barcode.php file in all versions up to, and including, 4.1.2. | 9.1 |
| 2024-09-23 | CVE-2024-43996 | Path Traversal vulnerability in Wpmet Elementskit Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ElementsKit ElementsKit Pro allows PHP Local File Inclusion.This issue affects ElementsKit Pro: from n/a through 3.6.0. | 6.5 |
| 2024-09-21 | CVE-2024-6786 | Path Traversal vulnerability in Moxa Mxview ONE The vulnerability allows an attacker to craft MQTT messages that include relative path traversal sequences, enabling them to read arbitrary files on the system. | 6.5 |
| 2024-09-20 | CVE-2024-9032 | Path Traversal vulnerability in Oretnom23 Simple Forum/Discussion System 1.0 A vulnerability, which was classified as critical, was found in SourceCodester Simple Forum-Discussion System 1.0. | 8.8 |
| 2024-09-19 | CVE-2024-33109 | Path Traversal vulnerability in multiple products Directory Traversal in the web interface of the Tiptel IP 286 with firmware version 2.61.13.10 allows attackers to overwrite arbitrary files on the phone via the Ringtone upload function. | 9.8 |
| 2024-09-19 | CVE-2024-8963 | Path Traversal vulnerability in Ivanti Endpoint Manager Cloud Services Appliance 4.6 Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality. | 9.1 |