Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-23 | CVE-2023-28413 | Path Traversal vulnerability in Snow Monkey Forms Project Snow Monkey Forms 5.0.6 Directory traversal vulnerability in Snow Monkey Forms versions v5.0.6 and earlier allows a remote unauthenticated attacker to obtain sensitive information, alter the website, or cause a denial-of-service (DoS) condition. | 9.8 |
| 2023-05-23 | CVE-2020-20012 | Path Traversal vulnerability in Sudytech Webplus PRO 1.4.7.8.401 WebPlus Pro v1.4.7.8.4-01 is vulnerable to Incorrect Access Control. | 9.8 |
| 2023-05-22 | CVE-2023-27067 | Path Traversal vulnerability in Sitecore Experience Platform Directory Traversal vulnerability in Sitecore Experience Platform through 10.2 allows remote attackers to download arbitrary files via crafted command to download.aspx | 7.5 |
| 2023-05-22 | CVE-2023-27066 | Path Traversal vulnerability in Sitecore Experience Platform Directory Traversal vulnerability in Site Core Experience Platform 10.2 and earlier allows authenticated remote attackers to download arbitrary files via Urlhandle. | 6.5 |
| 2023-05-19 | CVE-2023-30199 | Path Traversal vulnerability in Webbax Customexporter 1.7.20 Prestashop customexporter <= 1.7.20 is vulnerable to Incorrect Access Control via modules/customexporter/downloads/download.php. | 7.5 |
| 2023-05-18 | CVE-2022-36327 | Path Traversal vulnerability in Westerndigital products Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could allow an attacker to write files to locations with certain critical filesystem types leading to remote code execution was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices. | 9.8 |
| 2023-05-18 | CVE-2022-36328 | Path Traversal vulnerability in Westerndigital products Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could allow an attacker to create arbitrary shares on arbitrary directories and exfiltrate sensitive files, passwords, users and device configurations was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices. | 4.9 |
| 2023-05-18 | CVE-2023-32322 | Path Traversal vulnerability in Ombi Ombi is an open source application which allows users to request specific media from popular self-hosted streaming servers. | 4.9 |
| 2023-05-18 | CVE-2023-20077 | Path Traversal vulnerability in Cisco Identity Services Engine Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to download arbitrary files from the filesystem of an affected device. | 6.5 |
| 2023-05-18 | CVE-2023-20087 | Path Traversal vulnerability in Cisco Identity Services Engine Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to download arbitrary files from the filesystem of an affected device. | 6.5 |