VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-03-19
CVE-2024-7631
A flaw was found in the OpenShift Console, an endpoint for plugins to serve resources in multiple languages: /locales/resources.json.
network
low complexity
CWE-22
4.3
4.3
2025-03-18
CVE-2025-0694
Insufficient path validation in CODESYS Control allows low privileged attackers with physical access to gain full filesystem access.
low complexity
CWE-22
6.6
6.6
2025-03-17
CVE-2025-2363
A vulnerability classified as critical has been found in lenve VBlog up to 1.0.0.
network
low complexity
CWE-22
6.3
6.3
2025-03-13
CVE-2025-2264
Path Traversal vulnerability in Santesoft Sante Pacs Server 4.1.0
A Path Traversal Information Disclosure vulnerability exists in "Sante PACS Server.exe".
network
low complexity
santesoft
CWE-22
7.5
7.5
2025-03-13
CVE-2025-1785
The Download Manager plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.3.08 via the 'wpdm_newfile' action.
network
low complexity
CWE-22
5.4
5.4
2025-03-12
CVE-2025-2215
A vulnerability classified as critical was found in Doufox up to 0.2.0.
network
low complexity
CWE-22
4.7
4.7
2025-03-11
CVE-2025-27395
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0).
network
low complexity
CWE-22
7.2
7.2
2025-03-11
CVE-2025-27397
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0).
network
low complexity
CWE-22
3.8
3.8
2025-03-11
CVE-2025-1661
Path Traversal vulnerability in Pluginus Husky - products Filter Professional for Woocommerce
The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.6.5 via the 'template' parameter of the woof_text_search AJAX action.
network
low complexity
pluginus
CWE-22
critical
9.8
9.8
2025-03-07
CVE-2024-10804
The Ultimate Video Player WordPress & WooCommerce Plugin plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 10.0 via the content/downloader.php file.
network
low complexity
CWE-22
7.5
7.5
«
Previous
1
2
3
(current)
4
5
...
372
373
»
Next