Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-06 | CVE-2024-24591 | Path Traversal vulnerability in Clear Clearml 1.14.1/1.4.0 A path traversal vulnerability in versions 1.4.0 to 1.14.1 of the client SDK of Allegro AI’s ClearML platform enables a maliciously uploaded dataset to write local or remote files to an arbitrary location on an end user’s system when interacted with. | 8.8 |
| 2024-02-06 | CVE-2024-23673 | Path Traversal vulnerability in Apache Sling Servlets Resolver Malicious code execution via path traversal in Apache Software Foundation Apache Sling Servlets Resolver.This issue affects all version of Apache Sling Servlets Resolver before 2.11.0. | 7.5 |
| 2024-02-06 | CVE-2024-24938 | Path Traversal vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentation | 5.3 |
| 2024-02-06 | CVE-2024-24940 | Path Traversal vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives | 4.3 |
| 2024-02-06 | CVE-2024-24942 | Path Traversal vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives | 5.3 |
| 2024-02-06 | CVE-2024-24398 | Path Traversal vulnerability in Stimulsoft Dashboards.PHP Directory Traversal vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the fileName parameter of the Save function. | 9.8 |
| 2024-02-05 | CVE-2024-0964 | Path Traversal vulnerability in Gradio Project Gradio A local file include could be remotely triggered in Gradio due to a vulnerable user-supplied JSON value in an API request. | 9.4 |
| 2024-02-05 | CVE-2024-0380 | Path Traversal vulnerability in Bootstrapped WP Recipe Maker The WP Recipe Maker plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 9.1.0 via the 'icon' attribute used in Shortcodes. | 4.3 |
| 2024-02-05 | CVE-2023-6989 | Path Traversal vulnerability in Getshieldsecurity Shield Security The Shield Security – Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 18.5.9 via the render_action_template parameter. | 9.8 |
| 2024-02-05 | CVE-2024-0221 | Path Traversal vulnerability in 10Web Photo Gallery The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.8.19 via the rename_item function. | 7.2 |