Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-11-05 | CVE-2024-47253 | Path Traversal vulnerability in 2N Access Commander In 2N Access Commander versions 3.1.1.2 and prior, a Path Traversal vulnerability could allow an attacker with administrative privileges to write files on the filesystem and potentially achieve arbitrary remote code execution. | 7.2 |
2024-11-04 | CVE-2024-51582 | Path Traversal vulnerability in Thimpress WP Hotel Booking Path Traversal: '.../...//' vulnerability in ThimPress WP Hotel Booking allows PHP Local File Inclusion.This issue affects WP Hotel Booking: from n/a through 2.1.4. | 8.8 |
2024-10-30 | CVE-2024-10005 | Path Traversal vulnerability in Hashicorp Consul A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules. | 5.8 |
2024-10-29 | CVE-2024-5982 | Path Traversal vulnerability in Gaizhenbiao Chuanhuchatgpt A path traversal vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. | 9.8 |
2024-10-29 | CVE-2024-7774 | Path Traversal vulnerability in Langchain 0.2.5 A path traversal vulnerability exists in the `getFullPath` method of langchain-ai/langchainjs version 0.2.5. | 9.1 |
2024-10-29 | CVE-2024-7962 | Path Traversal vulnerability in Gaizhenbiao Chuanhuchatgpt 20240628 An arbitrary file read vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240628 due to insufficient validation when loading prompt template files. | 7.5 |
2024-10-28 | CVE-2024-44255 | Path Traversal vulnerability in Apple products A path handling issue was addressed with improved logic. | 7.8 |
2024-10-25 | CVE-2024-48224 | Path Traversal vulnerability in Funadmin 5.0.2 Funadmin v5.0.2 has an arbitrary file read vulnerability in /curd/index/editfile. | 4.9 |
2024-10-25 | CVE-2024-37847 | Path Traversal vulnerability in Radixiot Mango and Mangoapi An arbitrary file upload vulnerability in MangoOS before 5.1.4 and Mango API before 4.5.5 allows attackers to execute arbitrary code via a crafted file. | 8.8 |
2024-10-25 | CVE-2024-49381 | Path Traversal vulnerability in Plenti Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. | 7.5 |