Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2024-02-05 CVE-2023-6989 Path Traversal vulnerability in Getshieldsecurity Shield Security
The Shield Security – Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 18.5.9 via the render_action_template parameter.
network
low complexity
getshieldsecurity CWE-22
critical
9.8
2024-02-05 CVE-2024-0221 Path Traversal vulnerability in 10Web Photo Gallery
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.8.19 via the rename_item function.
network
low complexity
10web CWE-22
7.2
2024-02-05 CVE-2023-7077 Path Traversal vulnerability in Sharp products
Sharp NEC Displays (P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805, E905, UN551S, UN551VS, X551UHD, X651UHD, X841UHD, X981UHD, MD551C8) allows an attacker execute remote code by sending unintended parameters in http request.
network
low complexity
sharp CWE-22
critical
9.8
2024-02-02 CVE-2023-45026 Path Traversal vulnerability in Qnap Qts, Quts Hero and Qutscloud
A path traversal vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-22
4.9
2024-02-02 CVE-2023-45027 Path Traversal vulnerability in Qnap Qts, Quts Hero and Qutscloud
A path traversal vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-22
4.9
2024-02-02 CVE-2024-0844 Path Traversal vulnerability in Felixmoira Popup More Popups, Lightboxes, and More Popup Modules
The Popup More Popups, Lightboxes, and more popup modules plugin for WordPress is vulnerable to Local File Inclusion in version 2.1.6 via the ycfChangeElementData() function.
network
low complexity
felixmoira CWE-22
7.2
2024-02-02 CVE-2023-39611 Path Traversal vulnerability in Softwarefx Chart FX 7.0.4962.20829
An issue in Software FX Chart FX 7 version 7.0.4962.20829 allows attackers to enumerate and read files from the local filesystem by sending crafted web requests.
network
low complexity
softwarefx CWE-22
7.5
2024-02-02 CVE-2024-22851 Path Traversal vulnerability in Liveconfig
Directory Traversal Vulnerability in LiveConfig before v.2.5.2 allows a remote attacker to obtain sensitive information via a crafted request to the /static/ endpoint.
network
low complexity
liveconfig CWE-22
7.5
2024-02-02 CVE-2021-22281 Path Traversal vulnerability in Br-Automation Automation Studio
: Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows Relative Path Traversal.This issue affects Automation Studio: from 4.0 through 4.12.
network
low complexity
br-automation CWE-22
7.5
2024-02-02 CVE-2024-24482 Path Traversal vulnerability in Apktool
Aprktool before 2.9.3 on Windows allows ../ and /..
network
low complexity
apktool CWE-22
critical
9.8