Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-04 | CVE-2024-34551 | Path Traversal vulnerability in Select-Themes Stockholm 9.6 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Select-Themes Stockholm allows PHP Local File Inclusion.This issue affects Stockholm: from n/a through 9.6. | 9.8 |
| 2024-06-04 | CVE-2024-34552 | Path Traversal vulnerability in Select-Themes Stockholm 9.6 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Select-Themes Stockholm allows PHP Local File Inclusion.This issue affects Stockholm: from n/a through 9.6. | 8.8 |
| 2024-06-04 | CVE-2024-34554 | Path Traversal vulnerability in Select-Themes Stockholm Core 2.4.1 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Select-Themes Stockholm Core allows PHP Local File Inclusion.This issue affects Stockholm Core: from n/a through 2.4.1. | 8.8 |
| 2024-06-04 | CVE-2024-35634 | Path Traversal vulnerability in Wow-Company Woocommerce - Recent Purchases 1.0.1 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Wow-Company Woocommerce – Recent Purchases allows PHP Local File Inclusion.This issue affects Woocommerce – Recent Purchases: from n/a through 1.0.1. | 4.9 |
| 2024-05-30 | CVE-2024-35428 | Path Traversal vulnerability in Zkteco Zkbio Cvsecurity 6.1.1 ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via BaseMediaFile. | 7.1 |
| 2024-05-30 | CVE-2024-35429 | Path Traversal vulnerability in Zkteco Zkbio Cvsecurity 6.1.1 ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via eventRecord. | 6.5 |
| 2024-05-08 | CVE-2024-32113 | Path Traversal vulnerability in Apache Ofbiz Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz.This issue affects Apache OFBiz: before 18.12.13. Users are recommended to upgrade to version 18.12.13, which fixes the issue. | 9.8 |
| 2024-04-29 | CVE-2024-4297 | The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability to download arbitrary system files. | 4.9 |
| 2024-04-29 | CVE-2024-4296 | The account management interface of HGiga iSherlock (including MailSherlock, SpamSherlock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability to download arbitrary system files. | 4.9 |
| 2024-04-17 | CVE-2024-28073 | SolarWinds Serv-U was found to be susceptible to a Directory Traversal Remote Code Vulnerability. | 8.4 |