Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-18 | CVE-2024-22415 | Path Traversal vulnerability in Jupyter Language Server Protocol Integration. jupyter-lsp is a coding assistance tool for JupyterLab (code navigation + hover suggestions + linters + autocompletion + rename) using Language Server Protocol. | 9.8 |
2024-01-16 | CVE-2023-2252 | Path Traversal vulnerability in Wpwax Directorist. The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does not validate the file parameter when importing CSV files. | 2.7 |
2024-01-15 | CVE-2023-6623 | Path Traversal vulnerability in Wpdeveloper Essential Blocks. The Essential Blocks WordPress plugin before 4.4.3 does not prevent unauthenticated attackers from overwriting local variables when rendering templates over the REST API, which may lead to Local File Inclusion attacks. | 9.8 |
2024-01-15 | CVE-2023-46749 | Path Traversal vulnerability in Apache Shiro. Apache Shiro before 1.13.0 or 2.0.0-alpha-4 may be susceptible to a path traversal attack that results in an authentication bypass when used together with path rewriting. Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+, or ensure `blockSemicolon` is enabled (this is the default). | 6.5 |
2024-01-15 | CVE-2023-48383 | Path Traversal vulnerability in Netvision Airpass 2.9.0.200703. NetVision Information airPASS has a path traversal vulnerability within its parameter in a specific URL. | 7.5 |
2024-01-13 | CVE-2023-52288 | Path Traversal vulnerability in Sujeetkv Flaskcode. An issue was discovered in the flaskcode package through 0.0.8 for Python. | 7.5 |
2024-01-13 | CVE-2023-52289 | Path Traversal vulnerability in Sujeetkv Flaskcode. An issue was discovered in the flaskcode package through 0.0.8 for Python. | 7.5 |
2024-01-12 | CVE-2023-48166 | Path Traversal vulnerability in Unify Openscape Voice 10.0. A directory traversal vulnerability in the SOAP Server integrated in Atos Unify OpenScape Voice V10 before V10R3.26.1 allows a remote attacker to view the contents of arbitrary files in the local file system. | 7.5 |
2024-01-12 | CVE-2023-49801 | Path Traversal vulnerability in Lifplatforms LIF Auth Server. Lif Auth Server is a server for validating logins, managing information, and account recovery for Lif Accounts. | 7.5 |
2024-01-12 | CVE-2010-10011 | Path Traversal vulnerability in Acritum Femitter Server 1.04. A vulnerability, which was classified as problematic, was found in Acritum Femitter Server 1.04. | 7.5 |