Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-12 | CVE-2024-6097 | Path Traversal vulnerability in Progress Telerik Reporting In Progress® Telerik® Reporting versions prior to 2025 Q1 (19.0.25.211), information disclosure is possible by a local threat actor through an absolute path vulnerability. | 5.3 |
| 2025-02-12 | CVE-2024-11343 | Path Traversal vulnerability in Progress Telerik Document Processing Libraries In Progress® Telerik® Document Processing Libraries, versions prior to 2025 Q1 (2025.1.205), unzipping an archive can lead to arbitrary file system access. | 8.8 |
| 2025-02-12 | CVE-2025-0332 | Path Traversal vulnerability in Telerik UI for Winforms In Progress® Telerik® UI for WinForms, versions prior to 2025 Q1 (2025.1.211), using the improper limitation of a target path can lead to decompressing an archive's content into a restricted directory. | 9.8 |
| 2025-02-07 | CVE-2025-1106 | A vulnerability classified as critical has been found in CmsEasy 7.7.7.9. | 5.4 |
| 2025-02-07 | CVE-2025-25163 | Path Traversal vulnerability in Pluginab Plugin A/B Image Optimizer Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Zach Swetz Plugin A/B Image Optimizer allows Path Traversal. | 9.8 |
| 2025-02-06 | CVE-2025-0859 | The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.27.6 via the template_via_url() function. | 6.5 |
| 2025-02-06 | CVE-2025-0799 | IBM App Connect enterprise 12.0.1.0 through 12.0.12.10 and 13.0.1.0 through 13.0.2.1 could allow an authenticated user to write to an arbitrary file on the system during bar configuration deployment due to improper pathname limitations on restricted directories. | 6.5 |
| 2025-02-03 | CVE-2025-0973 | Path Traversal vulnerability in Cmseasy 7.7.7.9 A vulnerability classified as critical was found in CmsEasy 7.7.7.9. | 6.5 |
| 2025-02-01 | CVE-2025-0365 | Path Traversal vulnerability in Artbees Jupiter X Core The Jupiter X Core plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 4.8.7 via the inline SVG feature. | 6.5 |
| 2025-02-01 | CVE-2024-51534 | Path Traversal vulnerability in Dell Data Domain Operating System Dell PowerProtect DD versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain a path traversal vulnerability. | 7.1 |