Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-06 | CVE-2020-21862 | Path Traversal vulnerability in Duxcms Project Duxcms 2.1 Directory traversal vulnerability in DuxCMS 2.1 allows attackers to delete arbitrary files via /admin/AdminBackup/del. | 8.1 |
| 2023-07-06 | CVE-2023-30678 | Path Traversal vulnerability in Samsung Calendar Potential zip path traversal vulnerability in Calendar application prior to version 12.4.07.15 in Android 13 allows attackers to write arbitrary file. | 5.5 |
| 2023-07-06 | CVE-2023-24256 | Path Traversal vulnerability in NIO Aspen 3.2.5 An issue in the com.nextev.datastatistic component of NIO EC6 Aspen before v3.3.0 allows attackers to escalate privileges via path traversal. | 7.8 |
| 2023-07-05 | CVE-2023-35975 | Path Traversal vulnerability in Arubanetworks Arubaos An authenticated path traversal vulnerability exists in the ArubaOS command line interface. | 8.1 |
| 2023-06-30 | CVE-2023-32608 | Path Traversal vulnerability in Pleasanter Directory traversal vulnerability in Pleasanter (Community Edition and Enterprise Edition) 1.3.39.2 and earlier versions allows a remote authenticated attacker to alter an arbitrary file on the server. | 6.5 |
| 2023-06-29 | CVE-2023-33277 | Path Traversal vulnerability in Gira KNX IP Router Firmware 3.1.3683.0/3.3.8.0 The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 allows a remote attacker to read sensitive files via directory-traversal sequences in the URL. | 7.5 |
| 2023-06-29 | CVE-2023-34598 | Path Traversal vulnerability in Gibbonedu Gibbon 25.0.00 Gibbon v25.0.0 is vulnerable to a Local File Inclusion (LFI) where it's possible to include the content of several files present in the installation folder in the server's response. | 9.8 |
| 2023-06-29 | CVE-2023-34843 | Path Traversal vulnerability in Traggo 0.3.0 Traggo Server 0.3.0 is vulnerable to directory traversal via a crafted GET request. | 7.5 |
| 2023-06-28 | CVE-2023-32623 | Path Traversal vulnerability in 2Inc Snow Monkey Forms 5.0.7/5.1.1 Directory traversal vulnerability in Snow Monkey Forms v5.1.1 and earlier allows a remote unauthenticated attacker to delete arbitrary files on the server. | 9.1 |
| 2023-06-28 | CVE-2023-3330 | Path Traversal vulnerability in NEC products Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2, WG1800HP, WG1400HP, WG600HP, WG300HP, WF300HP, WR9500N, WR9300N, WR8750N, WR8700N, WR8600N, WR8370N, WR8175N and WR8170N all versions allows a attacker to obtain specific files in the product. | 4.3 |