Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2024-01-27 | CVE-2024-0697 | Path Traversal vulnerability in Softaculous Backuply | The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.3 via the node_id parameter in the backuply_get_jstree function. | 4.9 |
2024-01-26 | CVE-2024-0402 | Path Traversal vulnerability in Gitlab | An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 which allows an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace. | 9.9 |
2024-01-25 | CVE-2023-41474 | Path Traversal vulnerability in Ivanti Avalanche 6.3.4.153 | Directory Traversal vulnerability in Ivanti Avalanche 6.3.4.153 allows a remote authenticated attacker to obtain sensitive information via the javax.faces.resource component. | 6.5 |
2024-01-25 | CVE-2024-0882 | Path Traversal vulnerability in Linkwechat 5.1.0 | A vulnerability was found in qwdigital LinkWechat 5.1.0. | 7.5 |
2024-01-25 | CVE-2023-52076 | Path Traversal vulnerability in Mate-Desktop Atril | Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. | 7.8 |
2024-01-25 | CVE-2023-50785 | Path Traversal vulnerability in Zohocorp Manageengine Adaudit Plus 7.2 | Zoho ManageEngine ADAudit Plus before 7270 allows admin users to view names of arbitrary directories via path traversal. | 2.7 |
2024-01-24 | CVE-2024-23897 | Path Traversal vulnerability in Jenkins | Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system. | 9.8 |
2024-01-23 | CVE-2024-23182 | Path Traversal vulnerability in Appleple A-Blog CMS | Relative path traversal vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticated attacker to delete arbitrary files on the server. | 8.1 |
2024-01-22 | CVE-2022-45792 | Path Traversal vulnerability in Omron Sysmac Studio | Project files may contain malicious contents which the software will use to create files on the filesystem. | 7.8 |
2024-01-22 | CVE-2024-23768 | Path Traversal vulnerability in Dremio | Dremio before 24.3.1 allows path traversal. | 8.8 |