Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-26 | CVE-2023-27170 | Path Traversal vulnerability in Xpand-It Write-Back Manager 2.3.1 Xpand IT Write-back manager v2.3.1 allows attackers to perform a directory traversal via modification of the siteName parameter. | 7.5 |
| 2023-10-26 | CVE-2018-16739 | Path Traversal vulnerability in Abus products An issue was discovered on certain ABUS TVIP devices. | 8.8 |
| 2023-10-26 | CVE-2023-45868 | Path Traversal vulnerability in Ilias 7.25 The Learning Module in ILIAS 7.25 (2023-09-12 release) allows an attacker (with basic user privileges) to achieve a high-impact Directory Traversal attack on confidentiality and availability. | 8.1 |
| 2023-10-26 | CVE-2023-30967 | Path Traversal vulnerability in Palantir Orbital Simulator Gotham Orbital-Simulator service prior to 0.692.0 was found to be vulnerable to a Path traversal issue allowing an unauthenticated user to read arbitrary files on the file system. | 7.5 |
| 2023-10-25 | CVE-2022-38484 | Path Traversal vulnerability in Agevolt An arbitrary file upload and directory traversal vulnerability exist in the file upload functionality of the System Setup menu in AgeVolt Portal prior to version 0.1. | 8.8 |
| 2023-10-25 | CVE-2022-38485 | Path Traversal vulnerability in Agevolt A directory traversal vulnerability exists in the AgeVolt Portal prior to version 0.1 that leads to Information Disclosure. | 6.5 |
| 2023-10-25 | CVE-2023-37913 | Path Traversal vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 8.8 |
| 2023-10-25 | CVE-2023-46119 | Path Traversal vulnerability in Parseplatform Parse-Server Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. | 7.5 |
| 2023-10-25 | CVE-2023-46346 | Path Traversal vulnerability in Myprestamodules Exportproducts 4.1.1 In the module "Product Catalog (CSV, Excel, XML) Export PRO" (exportproducts) in versions up to 4.1.1 from MyPrestaModules for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. | 7.5 |
| 2023-10-23 | CVE-2023-37532 | Path Traversal vulnerability in Hcltech Commerce 9.1.13.2/9.1.8 HCL Commerce Remote Store server could allow a remote attacker, using a specially-crafted URL, to read arbitrary files on the system. | 4.3 |