Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-04 | CVE-2020-26065 | Path Traversal vulnerability in Cisco Catalyst Sd-Wan Manager A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient validation of HTTP requests. | 6.5 |
| 2023-08-04 | CVE-2023-38702 | Path Traversal vulnerability in ENG Knowage Knowage is an open source analytics and business intelligence suite. | 8.8 |
| 2023-08-04 | CVE-2023-39143 | Path Traversal vulnerability in Papercut MF PaperCut NG and PaperCut MF before 22.1.3 on Windows allow path traversal, enabling attackers to upload, read, or delete arbitrary files. | 9.8 |
| 2023-08-04 | CVE-2023-37896 | Path Traversal vulnerability in Projectdiscovery Nuclei Nuclei is a vulnerability scanner. | 7.5 |
| 2023-08-04 | CVE-2023-38708 | Path Traversal vulnerability in Pimcore Pimcore is an Open Source Data & Experience Management Platform: PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce. | 8.8 |
| 2023-08-03 | CVE-2023-38950 | Path Traversal vulnerability in Zkteco Biotime 8.5.5 A path traversal vulnerability in the iclock API of ZKTeco BioTime v8.5.5 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload. | 7.5 |
| 2023-08-03 | CVE-2023-38951 | Path Traversal vulnerability in Zkteco Biotime 8.5.5 A path traversal vulnerability in ZKTeco BioTime v8.5.5 allows attackers to write arbitrary files via using a malicious SFTP configuration. | 9.8 |
| 2023-08-03 | CVE-2023-0956 | Path Traversal vulnerability in Tel-Ster Telwin Scada Webinterface External input could be used on TEL-STER TelWin SCADA WebInterface to construct paths to files and directories without properly neutralizing special elements within the pathname, which could allow an unauthenticated attacker to read files on the system. | 7.5 |
| 2023-08-03 | CVE-2023-35081 | Path Traversal vulnerability in Ivanti Endpoint Manager Mobile A path traversal vulnerability in Ivanti EPMM versions (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2 and 11.8.x < 11.8.1.2) allows an authenticated administrator to write arbitrary files onto the appliance. | 7.2 |
| 2023-08-03 | CVE-2023-33365 | Path Traversal vulnerability in Supremainc Biostar 2 A path traversal vulnerability exists in Suprema BioStar 2 before 2.9.1, which allows unauthenticated attackers to fetch arbitrary files from the server's web server. | 7.5 |