Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-30 | CVE-2023-42804 | Path Traversal vulnerability in Bigbluebutton BigBlueButton is an open-source virtual classroom. | 5.3 |
| 2023-10-30 | CVE-2023-43648 | Path Traversal vulnerability in Basercms baserCMS is a website development framework. | 6.5 |
| 2023-10-30 | CVE-2023-46863 | Path Traversal vulnerability in Peppermint Peppermint Ticket Management before 0.2.4 allows remote attackers to read arbitrary files via a /api/v1/users/file/download?filepath=./../ POST request. | 7.5 |
| 2023-10-30 | CVE-2023-46864 | Path Traversal vulnerability in Peppermint Peppermint Ticket Management through 0.2.4 allows remote attackers to read arbitrary files via a /api/v1/ticket/1/file/download?filepath=../ POST request. | 5.3 |
| 2023-10-29 | CVE-2005-10002 | Path Traversal vulnerability in Wp-Plugins Secure Files 1.1 A vulnerability, which was classified as critical, was found in almosteffortless secure-files Plugin up to 1.1 on WordPress. | 9.8 |
| 2023-10-26 | CVE-2023-27170 | Path Traversal vulnerability in Xpand-It Write-Back Manager 2.3.1 Xpand IT Write-back manager v2.3.1 allows attackers to perform a directory traversal via modification of the siteName parameter. | 7.5 |
| 2023-10-26 | CVE-2018-16739 | Path Traversal vulnerability in Abus products An issue was discovered on certain ABUS TVIP devices. | 8.8 |
| 2023-10-26 | CVE-2023-45868 | Path Traversal vulnerability in Ilias 7.25 The Learning Module in ILIAS 7.25 (2023-09-12 release) allows an attacker (with basic user privileges) to achieve a high-impact Directory Traversal attack on confidentiality and availability. | 8.1 |
| 2023-10-26 | CVE-2023-30967 | Path Traversal vulnerability in Palantir Orbital Simulator Gotham Orbital-Simulator service prior to 0.692.0 was found to be vulnerable to a Path traversal issue allowing an unauthenticated user to read arbitrary files on the file system. | 7.5 |
| 2023-10-25 | CVE-2022-38484 | Path Traversal vulnerability in Agevolt An arbitrary file upload and directory traversal vulnerability exist in the file upload functionality of the System Setup menu in AgeVolt Portal prior to version 0.1. | 8.8 |