Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-21 | CVE-2023-6209 | Path Traversal vulnerability in multiple products Relative URLs starting with three slashes were incorrectly parsed, and a path-traversal "/../" part in the path could be used to override the specified host. | 6.5 |
| 2023-11-21 | CVE-2023-21417 | Path Traversal vulnerability in Axis OS Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversal attacks that allows for file/folder deletion. | 7.1 |
| 2023-11-21 | CVE-2023-21418 | Path Traversal vulnerability in Axis products Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API irissetup.cgi was vulnerable to path traversal attacks that allows for file deletion. | 7.1 |
| 2023-11-20 | CVE-2023-38879 | Path Traversal vulnerability in Os4Ed Opensis 9.0 The Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to read arbitrary files via a directory traversal vulnerability in the 'filename' parameter of 'DownloadWindow.php'. | 7.5 |
| 2023-11-17 | CVE-2023-48185 | Path Traversal vulnerability in Terra-Mater Terra-Master Directory Traversal vulnerability in TerraMaster v.s1.0 through v.2.295 allows a remote attacker to obtain sensitive information via a crafted GET request. | 7.5 |
| 2023-11-17 | CVE-2023-22273 | Path Traversal vulnerability in Adobe Robohelp Server Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to Remote Code Execution by an admin authenticated attacker. | 7.2 |
| 2023-11-17 | CVE-2023-42428 | Path Traversal vulnerability in Cubecart Directory traversal vulnerability in CubeCart prior to 6.5.3 allows a remote authenticated attacker with an administrative privilege to delete directories and files in the system. | 6.5 |
| 2023-11-17 | CVE-2023-47283 | Path Traversal vulnerability in Cubecart Directory traversal vulnerability in CubeCart prior to 6.5.3 allows a remote authenticated attacker with an administrative privilege to obtain files in the system. | 4.9 |
| 2023-11-17 | CVE-2023-45382 | Path Traversal vulnerability in Common-Services Sonice Retour 2.1.0 In the module "SoNice Retour" (sonice_retour) up to version 2.1.0 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. | 7.5 |
| 2023-11-16 | CVE-2023-6021 | Path Traversal vulnerability in RAY Project RAY LFI in Ray's log API endpoint allows attackers to read any file on the server without authentication. | 7.5 |