Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-30 | CVE-2024-22523 | Path Traversal vulnerability in Fuwushe Ifair 23.8Ad0 Directory Traversal vulnerability in Qiyu iFair version 23.8_ad0 and before, allows remote attackers to obtain sensitive information via uploadimage component. | 7.5 |
2024-01-29 | CVE-2024-23334 | Path Traversal vulnerability in multiple products aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. | 7.5 |
2024-01-29 | CVE-2023-30970 | Path Traversal vulnerability in Palantir products Gotham Table service and Forward App were found to be vulnerable to a Path traversal issue allowing an authenticated user to read arbitrary files on the file system. | 6.5 |
2024-01-29 | CVE-2024-23822 | Path Traversal vulnerability in Thruk Thruk is a multibackend monitoring webinterface. | 9.8 |
2024-01-29 | CVE-2024-23827 | Path Traversal vulnerability in Nginxui Nginx UI Nginx-UI is a web interface to manage Nginx configurations. | 9.8 |
2024-01-29 | CVE-2024-0989 | Path Traversal vulnerability in Kuerp Project Kuerp 1.0.4 A vulnerability, which was classified as problematic, has been found in Sichuan Yougou Technology KuERP up to 1.0.4. | 9.8 |
2024-01-27 | CVE-2024-0697 | Path Traversal vulnerability in Softaculous Backuply The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.3 via the node_id parameter in the backuply_get_jstree function. | 4.9 |
2024-01-26 | CVE-2024-0402 | Path Traversal vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 which allows an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace. | 9.9 |
2024-01-25 | CVE-2023-41474 | Path Traversal vulnerability in Ivanti Avalanche 6.3.4.153 Directory Traversal vulnerability in Ivanti Avalanche 6.3.4.153 allows a remote authenticated attacker to obtain sensitive information via the javax.faces.resource component. | 6.5 |
2024-01-25 | CVE-2024-0882 | Path Traversal vulnerability in Linkwechat 5.1.0 A vulnerability was found in qwdigital LinkWechat 5.1.0. | 7.5 |