Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-22 | CVE-2024-35308 | Path Traversal vulnerability in Pandorafms Pandora FMS 742/746 A post-authentication arbitrary file read vulnerability within the server plugins section in plugin edition feature. This issue affects Pandora FMS: from 700 through <777.3. | 8.8 |
2024-10-21 | CVE-2024-49366 | Path Traversal vulnerability in Nginxui Nginx UI Nginx UI is a web user interface for the Nginx web server. | 7.5 |
2024-10-21 | CVE-2024-45309 | Path Traversal vulnerability in Onedev Project Onedev OneDev is a Git server with CI/CD, kanban, and packages. | 7.5 |
2024-10-21 | CVE-2024-47742 | Path Traversal vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Block path traversal Most firmware names are hardcoded strings, or are constructed from fairly constrained format strings where the dynamic parts are just some hex numbers or such. However, there are a couple codepaths in the kernel where firmware file names contain string components that are passed through from a device or semi-privileged userspace; the ones I could find (not counting interfaces that require root privileges) are: - lpfc_sli4_request_firmware_update() seems to construct the firmware filename from "ModelName", a string that was previously parsed out of some descriptor ("Vital Product Data") in lpfc_fill_vpd() - nfp_net_fw_find() seems to construct a firmware filename from a model name coming from nfp_hwinfo_lookup(pf->hwinfo, "nffw.partno"), which I think parses some descriptor that was read from the device. (But this case likely isn't exploitable because the format string looks like "netronome/nic_%s", and there shouldn't be any *folders* starting with "netronome/nic_". | 7.8 |
2024-10-21 | CVE-2024-10200 | Path Traversal vulnerability in Wellchoose Administrative Management System Administrative Management System from Wellchoose has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to download arbitrary files on the server. | 7.5 |
2024-10-20 | CVE-2024-49286 | Path Traversal vulnerability in Moridrin SSV Events Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Moridrin SSV Events allows PHP Local File Inclusion.This issue affects SSV Events: from n/a through 3.2.7. | 9.8 |
2024-10-16 | CVE-2024-45711 | Path Traversal vulnerability in Solarwinds Serv-U SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code execution is possible depending on privileges given to the authenticated user. | 8.8 |
2024-10-16 | CVE-2019-25213 | Path Traversal vulnerability in Vasyltech Advanced Access Manager The Advanced Access Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Read in versions up to, and including, 5.9.8.1 due to insufficient validation on the aam-media parameter. | 7.5 |
2024-10-15 | CVE-2024-9983 | Path Traversal vulnerability in Ragic Enterprise Cloud Database Enterprise Cloud Database from Ragic does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files. | 7.5 |
2024-10-15 | CVE-2024-46898 | Path Traversal vulnerability in Ss-Proj Shirasagi SHIRASAGI prior to v1.19.1 processes URLs in HTTP requests improperly, resulting in a path traversal vulnerability. | 7.5 |