Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2023-11-30 | CVE-2023-6026 | Path Traversal vulnerability in Elijaa PHPmemcachedadmin 1.3.0 | A Path traversal vulnerability has been reported in elijaa/phpmemcachedadmin affecting version 1.3.0. | 9.1 |
2023-11-30 | CVE-2023-47464 | Path Traversal vulnerability in Gl-Inet Gl-Ax1800 Firmware 4.0.0/4.3.7/4.4.6 | Insecure Permissions vulnerability in GL.iNet AX1800 version 4.0.0 before 4.5.0 allows a remote attacker to execute arbitrary code via the upload API function. | 8.8 |
2023-11-29 | CVE-2023-46886 | Path Traversal vulnerability in Dreamer CMS Project Dreamer CMS | Dreamer CMS before version 4.0.1 is vulnerable to Directory Traversal. | 9.1 |
2023-11-28 | CVE-2023-48848 | Path Traversal vulnerability in Ureport Project Ureport 2.2.9 | An arbitrary file read vulnerability in ureport v2.2.9 allows a remote attacker to arbitrarily read files on the server by inserting a crafted path. | 7.5 |
2023-11-28 | CVE-2023-3533 | Path Traversal vulnerability in Chamilo | Path traversal in file upload functionality in `/main/webservices/additional_webservices.php` in Chamilo LMS <= v1.11.20 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via arbitrary file write. | 9.8 |
2023-11-27 | CVE-2023-5885 | Path Traversal vulnerability in Franklinfueling Colibri Firmware | The discontinued FFS Colibri product allows a remote user to access files on the system including files containing login credentials for other users. | 6.5 |
2023-11-27 | CVE-2022-41951 | Path Traversal vulnerability in Oroinc Oroplatform | OroPlatform is a PHP Business Application Platform (BAP) designed to make development of custom business applications easier and faster. | 9.8 |
2023-11-27 | CVE-2023-42000 | Path Traversal vulnerability in Arcserve UDP | Arcserve UDP prior to 9.2 contains a path traversal vulnerability in com.ca.arcflash.ui.server.servlet.FileHandlingServlet.doUpload(). | 9.8 |
2023-11-27 | CVE-2023-5607 | Path Traversal vulnerability in Trellix Application and Change Control | An improper limitation of a path name to a restricted directory (path traversal) vulnerability in the TACC ePO extension, for on-premises ePO servers, prior to version 8.4.0 could lead to an authorised administrator attacker executing arbitrary code through uploading a specially crafted GTI reputation file. | 7.2 |
2023-11-27 | CVE-2023-6307 | Path Traversal vulnerability in Jeecg Jimureport | A vulnerability classified as critical was found in jeecgboot JimuReport up to 1.6.1. | 9.8 |