Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-25 | CVE-2023-43382 | Path Traversal vulnerability in Iteachyou Dreamer CMS 4.1.3 Directory Traversal vulnerability in itechyou dreamer CMS v.4.1.3 allows a remote attacker to execute arbitrary code via the themePath in the uploaded template function. | 8.8 |
| 2023-09-25 | CVE-2023-43256 | Path Traversal vulnerability in Gladysassistant Gladys Assistant A path traversal in Gladys Assistant v4.26.1 and below allows authenticated attackers to extract sensitive files in the host machine by exploiting a non-sanitized user input. | 6.5 |
| 2023-09-25 | CVE-2023-39407 | Path Traversal vulnerability in Huawei Harmonyos 2.0.0 The Watchkit has a risk of unauthorized file access.Successful exploitation of this vulnerability may affect confidentiality and integrity. | 9.1 |
| 2023-09-24 | CVE-2023-5142 | Path Traversal vulnerability in H3C products A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. | 5.3 |
| 2023-09-22 | CVE-2023-38346 | Path Traversal vulnerability in Windriver Vxworks 6.9/7.0 An issue was discovered in Wind River VxWorks 6.9 and 7. | 8.8 |
| 2023-09-21 | CVE-2023-42280 | Path Traversal vulnerability in Springernature Mee-Admin 1.5 mee-admin 1.5 is vulnerable to Directory Traversal. | 7.5 |
| 2023-09-21 | CVE-2023-4760 | Path Traversal vulnerability in Eclipse Remote Application Platform In Eclipse RAP versions from 3.0.0 up to and including 3.25.0, Remote Code Execution is possible on Windows when using the FileUpload component. The reason for this is a not completely secure extraction of the file name in the FileUploadProcessor.stripFileName(String name) method. | 9.8 |
| 2023-09-21 | CVE-2015-5467 | Path Traversal vulnerability in Yiiframework YII web\ViewAction in Yii (aka Yii2) 2.x before 2.0.5 allows attackers to execute any local .php file via a relative path in the view parameeter. | 9.8 |
| 2023-09-20 | CVE-2023-40930 | Path Traversal vulnerability in Skyworth OS 3.0 An issue in the directory /system/bin/blkid of Skyworth v3.0 allows attackers to perform a directory traversal via mounting the Udisk to /mnt/. | 6.8 |
| 2023-09-20 | CVE-2022-45447 | Path Traversal vulnerability in Prestashop M4 PDF M4 PDF plugin for Prestashop sites, in its 3.2.3 version and before, is vulnerable to a directory traversal vulnerability. | 6.5 |