Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-06 | CVE-2023-23366 | Path Traversal vulnerability in Qnap Music Station A path traversal vulnerability has been reported to affect Music Station. | 6.5 |
| 2023-10-04 | CVE-2023-3512 | Path Traversal vulnerability in Setelsa-Security Conacwin 3.7.1.2/3.8.2.2 Relative path traversal vulnerability in Setelsa Security's ConacWin CB, in its 3.8.2.2 version and earlier, the exploitation of which could allow an attacker to perform an arbitrary download of files from the system via the "Download file" parameter. | 7.5 |
| 2023-10-04 | CVE-2023-3701 | Path Traversal vulnerability in Aquaesolutions Aqua Drive 2.4 Aqua Drive, in its 2.4 version, is vulnerable to a relative path traversal vulnerability. | 8.8 |
| 2023-10-03 | CVE-2023-26152 | Path Traversal vulnerability in Nbluis Static-Server All versions of the package static-server are vulnerable to Directory Traversal due to improper input sanitization passed via the validPath function of server.js. | 7.5 |
| 2023-10-03 | CVE-2023-43627 | Path Traversal vulnerability in Furunosystems Acera 1310 Firmware and Acera 1320 Firmware Path traversal vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent authenticated attacker to alter critical information such as system files by sending a specially crafted request. | 5.7 |
| 2023-09-28 | CVE-2023-43044 | Path Traversal vulnerability in IBM License Metric Tool IBM License Metric Tool 9.2 could allow a remote attacker to traverse directories on the system. | 7.5 |
| 2023-09-27 | CVE-2023-40532 | Path Traversal vulnerability in Collne Welcart Path traversal vulnerability in Welcart e-Commerce versions 2.7 to 2.8.21 allows a user with author or higher privilege to obtain partial information of the files on the web server. | 4.3 |
| 2023-09-27 | CVE-2023-42657 | Path Traversal vulnerability in Progress WS FTP Server In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a directory traversal vulnerability was discovered. An attacker could leverage this vulnerability to perform file operations (delete, rename, rmdir, mkdir) on files and folders outside of their authorized WS_FTP folder path. Attackers could also escape the context of the WS_FTP Server file structure and perform the same level of operations (delete, rename, rmdir, mkdir) on file and folder locations on the underlying operating system. | 9.6 |
| 2023-09-27 | CVE-2023-43825 | Path Traversal vulnerability in Ekakin Shihonkanri Plus 9.0.3 Relative path traversal vulnerability in Shihonkanri Plus Ver9.0.3 and earlier allows a local attacker to execute an arbitrary code by having a legitimate user import a specially crafted backup file of the product.. | 7.8 |
| 2023-09-27 | CVE-2023-2315 | Path Traversal vulnerability in Opencart Path Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2 allows an authenticated user with access/modify privilege on the Log component to empty out arbitrary files on the server | 8.8 |