Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-17 | CVE-2023-34208 | Path Traversal vulnerability in Easyuse Mailhunter Ultimate 2020/2023 Path Traversal in create template function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to extract files into arbitrary directories via a crafted ZIP archive. | 6.5 |
| 2023-10-16 | CVE-2023-43121 | Path Traversal vulnerability in Extremenetworks Exos 31.7.0/31.7.1/32.0 A Directory Traversal vulnerability discovered in Chalet application in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, before 22.7, and before 31.7.2 allows attackers to read arbitrary files. | 7.5 |
| 2023-10-16 | CVE-2023-45685 | Path Traversal vulnerability in Southrivertech Titan MFT Server and Titan Sftp Server Insufficient path validation when extracting a zip archive in South River Technologies' Titan MFT and Titan SFTP servers on Windows and Linux allows an authenticated attacker to write a file to any location on the filesystem via path traversal | 9.1 |
| 2023-10-16 | CVE-2023-45686 | Path Traversal vulnerability in Southrivertech Titan MFP Server Insufficient path validation when writing a file via WebDAV in South River Technologies' Titan MFT and Titan SFTP servers on Linux allows an authenticated attacker to write a file to any location on the filesystem via path traversal | 7.2 |
| 2023-10-16 | CVE-2023-45688 | Path Traversal vulnerability in Southrivertech Titan MFT Server and Titan Sftp Server Lack of sufficient path validation in South River Technologies' Titan MFT and Titan SFTP servers on Linux allows an authenticated attacker to get the size of an arbitrary file on the filesystem using path traversal in the ftp "SIZE" command | 4.3 |
| 2023-10-16 | CVE-2023-45689 | Path Traversal vulnerability in Southrivertech Titan MFT Server and Titan Sftp Server Lack of sufficient path validation in South River Technologies' Titan MFT and Titan SFTP servers on Windows and Linux allows an authenticated attacker with administrative privileges to read any file on the filesystem via path traversal | 6.5 |
| 2023-10-16 | CVE-2023-21415 | Path Traversal vulnerability in Axis products Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlay_del.cgi is vulnerable to path traversal attacks that allows for file deletion. | 8.1 |
| 2023-10-15 | CVE-2023-5588 | Path Traversal vulnerability in Kpherox Pleroma A vulnerability was found in kphrx pleroma. | 5.3 |
| 2023-10-15 | CVE-2023-38312 | Path Traversal vulnerability in Valvesoftware Counter-Strike 8684 A directory traversal vulnerability in Valve Counter-Strike 8684 allows a client (with remote control access to a game server) to read arbitrary files from the underlying server via the motdfile console variable. | 7.5 |
| 2023-10-14 | CVE-2022-33165 | Path Traversal vulnerability in IBM Security Directory Integrator 7.2.0 IBM Security Directory Server 6.4.0 could allow a remote attacker to traverse directories on the system. | 7.5 |