Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-07 | CVE-2023-46307 | Path Traversal vulnerability in Buddho Etcd Browser An issue was discovered in server.js in etcd-browser 87ae63d75260. | 7.5 |
| 2023-12-04 | CVE-2023-5105 | Path Traversal vulnerability in Najeebmedia Frontend File Manager Plugin The Frontend File Manager Plugin WordPress plugin before 22.6 has a vulnerability that allows an Editor+ user to bypass the file download logic and download files such as `wp-config.php` | 6.5 |
| 2023-12-04 | CVE-2023-44306 | Path Traversal vulnerability in Dell Dm5500 Firmware 5.14.0.0 Dell DM5500 contains a path traversal vulnerability in the appliance. | 6.5 |
| 2023-12-04 | CVE-2023-49108 | Path Traversal vulnerability in Sei-Info Rakrak Document Plus Path traversal vulnerability exists in RakRak Document Plus Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a). | 8.8 |
| 2023-12-03 | CVE-2018-25094 | Path Traversal vulnerability in Kotchasan Online Accounting System 1.4.0 A vulnerability was found in ???????????????? Online Accounting System up to 1.4.0 and classified as problematic. | 7.5 |
| 2023-11-30 | CVE-2023-47279 | Path Traversal vulnerability in Deltaww Infrasuite Device Master 1.0.7 In Delta Electronics InfraSuite Device Master v.1.0.7, A vulnerability exists that allows an unauthenticated attacker to disclose user information through a single UDP packet, obtain plaintext credentials, or perform NTLM relaying. | 7.5 |
| 2023-11-30 | CVE-2021-35975 | Path Traversal vulnerability in Systematica products Absolute path traversal vulnerability in the Systematica SMTP Adapter component (up to v2.0.1.101) in Systematica Radius (up to v.3.9.256.777) allows remote attackers to read arbitrary files via a full pathname in GET parameter "file" in URL. | 5.3 |
| 2023-11-30 | CVE-2023-46690 | Path Traversal vulnerability in Deltaww Infrasuite Device Master 1.0.7 In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an attacker to write to any file to any location of the filesystem, which could lead to remote code execution. | 8.8 |
| 2023-11-30 | CVE-2023-49735 | Path Traversal vulnerability in Apache Tiles 2.0 ** UNSUPPORTED WHEN ASSIGNED ** The value set as the DefaultLocaleResolver.LOCALE_KEY attribute on the session was not validated while resolving XML definition files, leading to possible path traversal and eventually SSRF/XXE when passing user-controlled data to this key. | 7.5 |
| 2023-11-30 | CVE-2023-6352 | Path Traversal vulnerability in Aquaforest Tiff Server 4.2.210913 The default configuration of Aquaforest TIFF Server allows access to arbitrary file paths, subject to any restrictions imposed by Internet Information Services (IIS) or Microsoft Windows. | 5.3 |