Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-25 | CVE-2023-39407 | Path Traversal vulnerability in Huawei Harmonyos 2.0.0 The Watchkit has a risk of unauthorized file access.Successful exploitation of this vulnerability may affect confidentiality and integrity. | 9.1 |
| 2023-09-24 | CVE-2023-5142 | Path Traversal vulnerability in H3C products A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. | 5.3 |
| 2023-09-22 | CVE-2023-38346 | Path Traversal vulnerability in Windriver Vxworks 6.9/7.0 An issue was discovered in Wind River VxWorks 6.9 and 7. | 8.8 |
| 2023-09-21 | CVE-2023-42280 | Path Traversal vulnerability in Springernature Mee-Admin 1.5 mee-admin 1.5 is vulnerable to Directory Traversal. | 7.5 |
| 2023-09-21 | CVE-2023-4760 | Path Traversal vulnerability in Eclipse Remote Application Platform In Eclipse RAP versions from 3.0.0 up to and including 3.25.0, Remote Code Execution is possible on Windows when using the FileUpload component. The reason for this is a not completely secure extraction of the file name in the FileUploadProcessor.stripFileName(String name) method. | 9.8 |
| 2023-09-21 | CVE-2023-4152 | Path Traversal vulnerability in Frauscher Diagnostic System 101 1.3.3/1.4.24 Frauscher Sensortechnik GmbH FDS101 for FAdC/FAdCi v1.4.24 and all previous versions are vulnerable to a path traversal vulnerability of the web interface by a crafted URL without authentication. | 7.5 |
| 2023-09-21 | CVE-2015-5467 | Path Traversal vulnerability in Yiiframework YII web\ViewAction in Yii (aka Yii2) 2.x before 2.0.5 allows attackers to execute any local .php file via a relative path in the view parameeter. | 9.8 |
| 2023-09-20 | CVE-2023-40930 | Path Traversal vulnerability in Skyworth OS 3.0 An issue in the directory /system/bin/blkid of Skyworth v3.0 allows attackers to perform a directory traversal via mounting the Udisk to /mnt/. | 6.8 |
| 2023-09-20 | CVE-2022-45447 | Path Traversal vulnerability in Prestashop M4 PDF M4 PDF plugin for Prestashop sites, in its 3.2.3 version and before, is vulnerable to a directory traversal vulnerability. | 6.5 |
| 2023-09-20 | CVE-2023-43616 | Path Traversal vulnerability in Schollz Croc An issue was discovered in Croc through 9.6.5. | 5.5 |