Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-16 | CVE-2023-21415 | Path Traversal vulnerability in Axis products Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlay_del.cgi is vulnerable to path traversal attacks that allows for file deletion. | 8.1 |
| 2023-10-15 | CVE-2023-38312 | Path Traversal vulnerability in Valvesoftware Counter-Strike 8684 A directory traversal vulnerability in Valve Counter-Strike 8684 allows a client (with remote control access to a game server) to read arbitrary files from the underlying server via the motdfile console variable. | 7.5 |
| 2023-10-14 | CVE-2022-33165 | Path Traversal vulnerability in IBM Security Directory Integrator 7.2.0 IBM Security Directory Server 6.4.0 could allow a remote attacker to traverse directories on the system. | 7.5 |
| 2023-10-14 | CVE-2023-45855 | Path Traversal vulnerability in Qdpm 9.2 qdPM 9.2 allows Directory Traversal to list files and directories by navigating to the /uploads URI. | 7.5 |
| 2023-10-13 | CVE-2023-32974 | Path Traversal vulnerability in Qnap Qts, Quts Hero and Qutscloud A path traversal vulnerability has been reported to affect several QNAP operating system versions. | 7.5 |
| 2023-10-13 | CVE-2023-41682 | Path Traversal vulnerability in Fortinet Fortisandbox A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 and 4.2.0 through 4.2.5 and 4.0.0 through 4.0.3 and 3.2.0 through 3.2.4 and 2.5.0 through 2.5.2 and 2.4.1 and 2.4.0 allows attacker to denial of service via crafted http requests. | 7.5 |
| 2023-10-11 | CVE-2023-4990 | Path Traversal vulnerability in Mcl-Collection Mcl-Net Firmware 4.3.5.8788 Directory traversal vulnerability in MCL-Net versions prior to 4.6 Update Package (P01) may allow attackers to read arbitrary files. | 7.5 |
| 2023-10-09 | CVE-2023-45352 | Path Traversal vulnerability in Atos Unify Openscape Common Management 10 Atos Unify OpenScape Common Management Portal V10 before V10 R4.17.0 and V10 R5.1.0 allows an authenticated attacker to execute arbitrary code on the operating system via a Common Management Portal web interface Path traversal vulnerability allowing write access outside the intended folders. | 8.8 |
| 2023-10-07 | CVE-2023-36123 | Path Traversal vulnerability in Plain Craft Launcher 2 Project Plain Craft Launcher 2 1.3.9 Directory Traversal vulnerability in Hex-Dragon Plain Craft Launcher 2 version Alpha 1.3.9, allows local attackers to execute arbitrary code and gain sensitive information. | 7.8 |
| 2023-10-06 | CVE-2023-23365 | Path Traversal vulnerability in Qnap Music Station A path traversal vulnerability has been reported to affect Music Station. | 6.5 |