Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-14 | CVE-2023-45855 | Path Traversal vulnerability in Qdpm 9.2 qdPM 9.2 allows Directory Traversal to list files and directories by navigating to the /uploads URI. | 7.5 |
| 2023-10-13 | CVE-2023-32974 | Path Traversal vulnerability in Qnap Qts, Quts Hero and Qutscloud A path traversal vulnerability has been reported to affect several QNAP operating system versions. | 7.5 |
| 2023-10-13 | CVE-2023-41682 | Path Traversal vulnerability in Fortinet Fortisandbox A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 and 4.2.0 through 4.2.5 and 4.0.0 through 4.0.3 and 3.2.0 through 3.2.4 and 2.5.0 through 2.5.2 and 2.4.1 and 2.4.0 allows attacker to denial of service via crafted http requests. | 7.5 |
| 2023-10-11 | CVE-2023-4990 | Path Traversal vulnerability in Mcl-Collection Mcl-Net Firmware 4.3.5.8788 Directory traversal vulnerability in MCL-Net versions prior to 4.6 Update Package (P01) may allow attackers to read arbitrary files. | 7.5 |
| 2023-10-09 | CVE-2023-45352 | Path Traversal vulnerability in Atos Unify Openscape Common Management 10 Atos Unify OpenScape Common Management Portal V10 before V10 R4.17.0 and V10 R5.1.0 allows an authenticated attacker to execute arbitrary code on the operating system via a Common Management Portal web interface Path traversal vulnerability allowing write access outside the intended folders. | 8.8 |
| 2023-10-07 | CVE-2023-36123 | Path Traversal vulnerability in Plain Craft Launcher 2 Project Plain Craft Launcher 2 1.3.9 Directory Traversal vulnerability in Hex-Dragon Plain Craft Launcher 2 version Alpha 1.3.9, allows local attackers to execute arbitrary code and gain sensitive information. | 7.8 |
| 2023-10-06 | CVE-2023-23365 | Path Traversal vulnerability in Qnap Music Station A path traversal vulnerability has been reported to affect Music Station. | 6.5 |
| 2023-10-06 | CVE-2023-23366 | Path Traversal vulnerability in Qnap Music Station A path traversal vulnerability has been reported to affect Music Station. | 6.5 |
| 2023-10-04 | CVE-2023-3512 | Path Traversal vulnerability in Setelsa-Security Conacwin 3.7.1.2/3.8.2.2 Relative path traversal vulnerability in Setelsa Security's ConacWin CB, in its 3.8.2.2 version and earlier, the exploitation of which could allow an attacker to perform an arbitrary download of files from the system via the "Download file" parameter. | 7.5 |
| 2023-10-04 | CVE-2023-3701 | Path Traversal vulnerability in Aquaesolutions Aqua Drive 2.4 Aqua Drive, in its 2.4 version, is vulnerable to a relative path traversal vulnerability. | 8.8 |