Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-06 | CVE-2024-24942 | Path Traversal vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives | 5.3 |
| 2024-02-06 | CVE-2024-24398 | Path Traversal vulnerability in Stimulsoft Dashboards.PHP Directory Traversal vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the fileName parameter of the Save function. | 9.8 |
| 2024-02-05 | CVE-2024-0964 | Path Traversal vulnerability in Gradio Project Gradio A local file include could be remotely triggered in Gradio due to a vulnerable user-supplied JSON value in an API request. | 9.4 |
| 2024-02-05 | CVE-2024-0380 | Path Traversal vulnerability in Bootstrapped WP Recipe Maker The WP Recipe Maker plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 9.1.0 via the 'icon' attribute used in Shortcodes. | 4.3 |
| 2024-02-05 | CVE-2023-6989 | Path Traversal vulnerability in Getshieldsecurity Shield Security The Shield Security – Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 18.5.9 via the render_action_template parameter. | 9.8 |
| 2024-02-05 | CVE-2024-0221 | Path Traversal vulnerability in 10Web Photo Gallery The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.8.19 via the rename_item function. | 7.2 |
| 2024-02-05 | CVE-2023-7077 | Path Traversal vulnerability in Sharp products Sharp NEC Displays (P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805, E905, UN551S, UN551VS, X551UHD, X651UHD, X841UHD, X981UHD, MD551C8) allows an attacker execute remote code by sending unintended parameters in http request. | 9.8 |
| 2024-02-02 | CVE-2024-0844 | Path Traversal vulnerability in Felixmoira Popup More Popups, Lightboxes, and More Popup Modules The Popup More Popups, Lightboxes, and more popup modules plugin for WordPress is vulnerable to Local File Inclusion in version 2.1.6 via the ycfChangeElementData() function. | 7.2 |
| 2024-02-02 | CVE-2023-39611 | Path Traversal vulnerability in Softwarefx Chart FX 7.0.4962.20829 An issue in Software FX Chart FX 7 version 7.0.4962.20829 allows attackers to enumerate and read files from the local filesystem by sending crafted web requests. | 7.5 |
| 2024-02-02 | CVE-2024-22851 | Path Traversal vulnerability in Liveconfig Directory Traversal Vulnerability in LiveConfig before v.2.5.2 allows a remote attacker to obtain sensitive information via a crafted request to the /static/ endpoint. | 7.5 |