Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-26 | CVE-2023-30967 | Path Traversal vulnerability in Palantir Orbital Simulator Gotham Orbital-Simulator service prior to 0.692.0 was found to be vulnerable to a Path traversal issue allowing an unauthenticated user to read arbitrary files on the file system. | 7.5 |
| 2023-10-25 | CVE-2022-38484 | Path Traversal vulnerability in Agevolt An arbitrary file upload and directory traversal vulnerability exist in the file upload functionality of the System Setup menu in AgeVolt Portal prior to version 0.1. | 8.8 |
| 2023-10-25 | CVE-2022-38485 | Path Traversal vulnerability in Agevolt A directory traversal vulnerability exists in the AgeVolt Portal prior to version 0.1 that leads to Information Disclosure. | 6.5 |
| 2023-10-25 | CVE-2023-37913 | Path Traversal vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 8.8 |
| 2023-10-25 | CVE-2023-46119 | Path Traversal vulnerability in Parseplatform Parse-Server Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. | 7.5 |
| 2023-10-25 | CVE-2023-46346 | Path Traversal vulnerability in Myprestamodules Exportproducts 4.1.1 In the module "Product Catalog (CSV, Excel, XML) Export PRO" (exportproducts) in versions up to 4.1.1 from MyPrestaModules for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. | 7.5 |
| 2023-10-23 | CVE-2023-37532 | Path Traversal vulnerability in Hcltech Commerce 9.1.13.2/9.1.8 HCL Commerce Remote Store server could allow a remote attacker, using a specially-crafted URL, to read arbitrary files on the system. | 4.3 |
| 2023-10-23 | CVE-2023-46122 | Path Traversal vulnerability in Scala-Sbt IO and SBT sbt is a build tool for Scala, Java, and others. | 7.1 |
| 2023-10-23 | CVE-2021-26736 | Path Traversal vulnerability in Zscaler Client Connector Multiple vulnerabilities in the Zscaler Client Connector Installer and Uninstaller for Windows prior to 3.6 allowed execution of binaries from a low privileged path. | 7.8 |
| 2023-10-22 | CVE-2021-46897 | Path Traversal vulnerability in Wagtailcrx Codered Extensions views.py in Wagtail CRX CodeRed Extensions (formerly CodeRed CMS or coderedcms) before 0.22.3 allows upward protected/..%2f..%2f path traversal when serving protected media. | 6.5 |