Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-04 | CVE-2024-20805 | Path Traversal vulnerability in Samsung Android 11.0/12.0 Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file. | 5.5 |
| 2024-01-03 | CVE-2023-37607 | Path Traversal vulnerability in Automaticsystems SOC Fl9600 Firstlane Firmware 06 Directory Traversal in Automatic Systems SOC FL9600 FirstLane V06 lego_T04E00 allows a remote attacker to obtain sensitive information via csvServer.php?file= with a .. | 7.5 |
| 2024-01-03 | CVE-2023-47473 | Path Traversal vulnerability in Fuwushe Ifair 23.8Ad0 Directory Traversal vulnerability in fuwushe.org iFair versions 23.8_ad0 and before allows an attacker to obtain sensitive information via a crafted script. | 7.5 |
| 2024-01-03 | CVE-2023-45722 | Path Traversal vulnerability in Hcltech Dryice Myxalytics 5.9/6.0/6.1 HCL DRYiCE MyXalytics is impacted by path traversal arbitrary file read vulnerability because it uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory. | 9.8 |
| 2024-01-03 | CVE-2023-45723 | Path Traversal vulnerability in Hcltech Dryice Myxalytics 5.9/6.0/6.1 HCL DRYiCE MyXalytics is impacted by path traversal vulnerability which allows file upload capability. | 9.8 |
| 2023-12-29 | CVE-2023-7114 | Path Traversal vulnerability in Mattermost Mattermost version 2.10.0 and earlier fails to sanitize deeplink paths, which allows an attacker to perform CSRF attacks against the server. | 8.8 |
| 2023-12-28 | CVE-2023-7134 | Path Traversal vulnerability in Oretnom23 Medicine Tracker System 1.0 A vulnerability was found in SourceCodester Medicine Tracking System 1.0. | 9.8 |
| 2023-12-26 | CVE-2023-5672 | Path Traversal vulnerability in Wpvibes WP Mail LOG The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file path parameters when attaching files to emails, leading to local file inclusion, and allowing an attacker to leak the contents of arbitrary files. | 6.5 |
| 2023-12-26 | CVE-2023-5991 | Path Traversal vulnerability in Motopress Hotel Booking Lite The Hotel Booking Lite WordPress plugin before 4.8.5 does not validate file paths provided via user input, as well as does not have proper CSRF and authorisation checks, allowing unauthenticated users to download and delete arbitrary files on the server | 9.8 |
| 2023-12-25 | CVE-2022-41760 | Path Traversal vulnerability in Nokia Network Functions Manager for Transport 19.9 An issue was discovered in NOKIA NFM-T R19.9. | 6.5 |