Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-29 | CVE-2024-7962 | Path Traversal vulnerability in Gaizhenbiao Chuanhuchatgpt 20240628 An arbitrary file read vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240628 due to insufficient validation when loading prompt template files. | 7.5 |
| 2024-10-28 | CVE-2024-44255 | Path Traversal vulnerability in Apple products A path handling issue was addressed with improved logic. | 7.8 |
| 2024-10-28 | CVE-2024-50453 | Path Traversal vulnerability in Webangon the Pack Elementor Addons Relative Path Traversal vulnerability in Webangon The Pack Elementor addons allows PHP Local File Inclusion.This issue affects The Pack Elementor addons: from n/a through 2.0.9. | 8.8 |
| 2024-10-25 | CVE-2024-48224 | Path Traversal vulnerability in Funadmin 5.0.2 Funadmin v5.0.2 has an arbitrary file read vulnerability in /curd/index/editfile. | 4.9 |
| 2024-10-25 | CVE-2024-37847 | Path Traversal vulnerability in Radixiot Mango and Mangoapi An arbitrary file upload vulnerability in MangoOS before 5.1.4 and Mango API before 4.5.5 allows attackers to execute arbitrary code via a crafted file. | 8.8 |
| 2024-10-25 | CVE-2024-49381 | Path Traversal vulnerability in Plenti Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. | 7.5 |
| 2024-10-25 | CVE-2024-10379 | Path Traversal vulnerability in Esafenet CDG 5 A vulnerability classified as problematic was found in ESAFENET CDG 5. | 7.5 |
| 2024-10-25 | CVE-2024-10011 | Path Traversal vulnerability in Buddypress The BuddyPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 14.1.0 via the id parameter. | 8.1 |
| 2024-10-25 | CVE-2024-45842 | Path Traversal vulnerability in multiple products Sharp and Toshiba Tec MFPs improperly process URI data in HTTP PUT requests resulting in a path Traversal vulnerability. Unintended internal files may be retrieved when processing crafted HTTP requests. | 5.3 |
| 2024-10-24 | CVE-2024-49359 | Path Traversal vulnerability in Zimaspace Zimaos ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. | 7.5 |