Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-25 | CVE-2023-50785 | Path Traversal vulnerability in Zohocorp Manageengine Adaudit Plus 7.2 Zoho ManageEngine ADAudit Plus before 7270 allows admin users to view names of arbitrary directories via path traversal. | 2.7 |
| 2024-01-24 | CVE-2024-23897 | Path Traversal vulnerability in Jenkins Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system. | 9.8 |
| 2024-01-23 | CVE-2024-22204 | Path Traversal vulnerability in Benbusby Whoogle Search Whoogle Search is a self-hosted metasearch engine. | 5.3 |
| 2024-01-23 | CVE-2024-23182 | Path Traversal vulnerability in Appleple A-Blog CMS Relative path traversal vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticated attacker to delete arbitrary files on the server. | 8.1 |
| 2024-01-22 | CVE-2024-23340 | Path Traversal vulnerability in Hono Node-Server @hono/node-server is an adapter that allows users to run Hono applications on Node.js. | 5.3 |
| 2024-01-22 | CVE-2022-45792 | Path Traversal vulnerability in Omron Sysmac Studio Project files may contain malicious contents which the software will use to create files on the filesystem. | 7.8 |
| 2024-01-22 | CVE-2023-44395 | Path Traversal vulnerability in Autolabproject Autolab Autolab is a course management service that enables instructors to offer autograded programming assignments to their students over the Web. | 6.5 |
| 2024-01-22 | CVE-2024-23768 | Path Traversal vulnerability in Dremio Dremio before 24.3.1 allows path traversal. | 8.8 |
| 2024-01-21 | CVE-2024-0769 | Path Traversal vulnerability in Dlink Dir-859 Firmware 1.06 ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DIR-859 1.06B01. | 9.8 |
| 2024-01-19 | CVE-2023-35020 | Path Traversal vulnerability in IBM Sterling Control Center 6.3.0 IBM Sterling Control Center 6.3.0 could allow a remote attacker to traverse directories on the system. | 5.3 |