VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-03-07
CVE-2024-12035
The CS Framework plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the cs_widget_file_delete() function in all versions up to, and including, 6.9.
network
low complexity
CWE-22
8.8
8.8
2025-03-06
CVE-2025-2032
A vulnerability classified as problematic was found in ChestnutCMS 1.5.2.
low complexity
CWE-22
3.5
3.5
2025-03-06
CVE-2024-13897
The Moving Media Library plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the generate_json_page function in all versions up to, and including, 1.22.
network
low complexity
CWE-22
6.5
6.5
2025-03-05
CVE-2024-13471
The DesignThemes Core Features plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the dt_process_imported_file function in all versions up to, and including, 4.7.
network
low complexity
CWE-22
7.5
7.5
2025-03-03
CVE-2024-51958
Path Traversal vulnerability in Esri Arcgis Server 10.9.1/11.1
There is a path traversal vulnerability in ESRI ArcGIS Server versions 10.9.1 thru 11.3.
network
low complexity
esri
CWE-22
4.9
4.9
2025-03-03
CVE-2024-51966
Path Traversal vulnerability in Esri Arcgis Server 10.9.1/11.1
There is a path traversal vulnerability in ESRI ArcGIS Server versions 10.9.1 thru 11.3.
network
low complexity
esri
CWE-22
4.9
4.9
2025-03-01
CVE-2024-13910
The Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'database_backup_ajax_delete' function in all versions up to, and including, 2.35.
network
low complexity
CWE-22
7.2
7.2
2025-02-28
CVE-2025-0823
IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 and 12.0.0 through 12.0.4 could allow a remote attacker to traverse directories on the system.
network
low complexity
CWE-22
6.5
6.5
2025-02-27
CVE-2025-1743
A vulnerability, which was classified as critical, was found in zyx0814 Pichome 2.1.0.
network
low complexity
CWE-22
5.3
5.3
2025-02-27
CVE-2024-54169
IBM EntireX 11.1 could allow an authenticated attacker to traverse directories on the system.
network
low complexity
CWE-22
6.5
6.5
«
Previous
1
2
3
4
(current)
5
6
...
372
373
»
Next