Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-06 | CVE-2024-2548 | Path Traversal vulnerability in Lollms web UI A path traversal vulnerability exists in the parisneo/lollms-webui application, specifically within the `lollms_core/lollms/server/endpoints/lollms_binding_files_server.py` and `lollms_core/lollms/security.py` files. | 7.5 |
| 2024-06-06 | CVE-2024-2624 | Path Traversal vulnerability in Lollms web UI A path traversal and arbitrary file upload vulnerability exists in the parisneo/lollms-webui application, specifically within the `@router.get("/switch_personal_path")` endpoint in `./lollms-webui/lollms_core/lollms/server/endpoints/lollms_user.py`. | 9.8 |
| 2024-06-06 | CVE-2024-2928 | Path Traversal vulnerability in Lfprojects Mlflow A Local File Inclusion (LFI) vulnerability was identified in mlflow/mlflow, specifically in version 2.9.2, which was fixed in version 2.11.3. | 7.5 |
| 2024-06-06 | CVE-2024-2914 | Path Traversal vulnerability in DJL Deep Java Library 0.26.0 A TarSlip vulnerability exists in the deepjavalibrary/djl, affecting version 0.26.0 and fixed in version 0.27.0. | 8.8 |
| 2024-06-06 | CVE-2024-5505 | Path Traversal vulnerability in Netgear Prosafe Network Management System NETGEAR ProSAFE Network Management System UpLoadServlet Directory Traversal Remote Code Execution Vulnerability. | 8.8 |
| 2024-06-06 | CVE-2024-34832 | Path Traversal vulnerability in Cubecart Directory Traversal vulnerability in CubeCart v.6.5.5 and before allows an attacker to execute arbitrary code via a crafted file uploaded to the _g and node parameters. | 9.8 |
| 2024-06-06 | CVE-2024-28995 | Path Traversal vulnerability in Solarwinds Serv-U SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. | 7.5 |
| 2024-06-06 | CVE-2024-5153 | Path Traversal vulnerability in Web-Shop-Host Startklar Elmentor Addons 1.7.15 The Startklar Elementor Addons plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.7.15 via the 'dropzone_hash' parameter. | 9.8 |
| 2024-06-06 | CVE-2024-5179 | Path Traversal vulnerability in Codeless Cowidgets Elementor Addons The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.1 via the 'item_style' and 'style' parameters. | 8.8 |
| 2024-06-04 | CVE-2024-34384 | Path Traversal vulnerability in Sinaextra Sina Extension for Elementor Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in SinaExtra Sina Extension for Elementor allows PHP Local File Inclusion.This issue affects Sina Extension for Elementor: from n/a through 3.5.1. | 8.8 |