Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-20 | CVE-2023-4274 | Path Traversal vulnerability in Wpvivid Migration, Backup, Staging The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 0.9.89. | 6.5 |
| 2023-10-20 | CVE-2023-5414 | Path Traversal vulnerability in Icegram Express The Icegram Express plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 5.6.23 via the show_es_logs function. | 7.2 |
| 2023-10-19 | CVE-2023-45823 | Path Traversal vulnerability in Artifacthub HUB Artifact Hub is a web-based application that enables finding, installing, and publishing packages and configurations for CNCF projects. | 7.5 |
| 2023-10-19 | CVE-2023-45277 | Path Traversal vulnerability in Spaceapplications Yamcs 5.8.6 Yamcs 5.8.6 is vulnerable to directory traversal (issue 1 of 2). | 7.5 |
| 2023-10-19 | CVE-2023-45278 | Path Traversal vulnerability in Spaceapplications Yamcs 5.8.6 Directory Traversal vulnerability in the storage functionality of the API in Yamcs 5.8.6 allows attackers to delete arbitrary files via crafted HTTP DELETE request. | 9.1 |
| 2023-10-19 | CVE-2023-31046 | Path Traversal vulnerability in Papercut MF A Path Traversal vulnerability exists in PaperCut NG before 22.1.1 and PaperCut MF before 22.1.1. | 6.5 |
| 2023-10-19 | CVE-2023-5212 | Path Traversal vulnerability in Quantumcloud AI Chatbot The AI ChatBot plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to, and including, 4.8.9 as well as version 4.9.2. | 8.1 |
| 2023-10-19 | CVE-2023-5241 | Path Traversal vulnerability in Quantumcloud AI Chatbot The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 as well as 4.9.2 via the qcld_openai_upload_pagetraining_file function. | 8.1 |
| 2023-10-18 | CVE-2023-45383 | Path Traversal vulnerability in Common-Services Sonice Etiquetage 2.5.9 In the module "SoNice etiquetage" (sonice_etiquetage) up to version 2.5.9 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. | 7.5 |
| 2023-10-18 | CVE-2023-39331 | Path Traversal vulnerability in Nodejs Node.Js A previously disclosed vulnerability (CVE-2023-30584) was patched insufficiently in commit 205f1e6. | 7.5 |