Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-25 | CVE-2022-41761 | Path Traversal vulnerability in Nokia Network Functions Manager for Transport 19.9 An issue was discovered in NOKIA NFM-T R19.9. | 6.5 |
| 2023-12-25 | CVE-2023-30451 | Path Traversal vulnerability in Typo3 11.5.24 In TYPO3 11.5.24, the filelist component allows attackers (who have access to the administrator panel) to read arbitrary files via directory traversal in the baseuri field, as demonstrated by POST /typo3/record/edit with ../../../ in data[sys_file_storage]*[data][sDEF][lDEF][basePath][vDEF]. | 4.9 |
| 2023-12-23 | CVE-2023-6972 | Path Traversal vulnerability in Backupbliss Backup Migration The Backup Migration plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.9 via the 'content-backups' and 'content-name', 'content-manifest', or 'content-bmitmp' and 'content-identy' HTTP headers. | 9.8 |
| 2023-12-22 | CVE-2023-50731 | Path Traversal vulnerability in Mindsdb MindsDB is a SQL Server for artificial intelligence. | 9.1 |
| 2023-12-22 | CVE-2023-50254 | Path Traversal vulnerability in Deepin Reader Deepin Linux's default document reader `deepin-reader` software suffers from a serious vulnerability in versions prior to 6.0.7 due to a design flaw that leads to remote command execution via crafted docx document. | 7.8 |
| 2023-12-21 | CVE-2023-46645 | Path Traversal vulnerability in Github Enterprise Server A path traversal vulnerability was identified in GitHub Enterprise Server that allowed arbitrary file reading when building a GitHub Pages site. | 4.9 |
| 2023-12-19 | CVE-2023-38126 | Path Traversal vulnerability in Softing Edgeaggregator 3.4.0 Softing edgeAggregator Restore Configuration Directory Traversal Remote Code Execution Vulnerability. | 7.2 |
| 2023-12-18 | CVE-2023-6222 | Path Traversal vulnerability in Quttera web Malware Scanner IThe Quttera Web Malware Scanner WordPress plugin before 3.4.2.1 does not validate user input used in a path, which could allow users with an admin role to perform path traversal attacks | 7.2 |
| 2023-12-17 | CVE-2023-6900 | Path Traversal vulnerability in Rmountjoy92 Dashmachine 0.54 A vulnerability, which was classified as critical, has been found in rmountjoy92 DashMachine 0.5-4. | 9.1 |
| 2023-12-16 | CVE-2023-6559 | Path Traversal vulnerability in Web-Soudan MW WP Form The MW WP Form plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 5.0.3. | 9.8 |