Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2024-01-18 CVE-2024-22415 Path Traversal vulnerability in Jupyter Language Server Protocol Integration
jupyter-lsp is a coding assistance tool for JupyterLab (code navigation + hover suggestions + linters + autocompletion + rename) using Language Server Protocol.
network
low complexity
jupyter CWE-22
critical
9.8
2024-01-16 CVE-2023-2252 Path Traversal vulnerability in Wpwax Directorist
The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does not validate the file parameter when importing CSV files.
network
low complexity
wpwax CWE-22
2.7
2024-01-15 CVE-2023-6623 Path Traversal vulnerability in Wpdeveloper Essential Blocks
The Essential Blocks WordPress plugin before 4.4.3 does not prevent unauthenticated attackers from overwriting local variables when rendering templates over the REST API, which may lead to Local File Inclusion attacks.
network
low complexity
wpdeveloper CWE-22
critical
9.8
2024-01-15 CVE-2023-46749 Path Traversal vulnerability in Apache Shiro
Apache Shiro before 1.13.0 or 2.0.0-alpha-4, may be susceptible to a path traversal attack that results in an authentication bypass when used together with path rewriting Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+, or ensure `blockSemicolon` is enabled (this is the default).
network
low complexity
apache CWE-22
6.5
2024-01-15 CVE-2023-48383 Path Traversal vulnerability in Netvision Airpass 2.9.0.200703
NetVision Information airPASS has a path traversal vulnerability within its parameter in a specific URL.
network
low complexity
netvision CWE-22
7.5
2024-01-13 CVE-2023-52288 Path Traversal vulnerability in Sujeetkv Flaskcode
An issue was discovered in the flaskcode package through 0.0.8 for Python.
network
low complexity
sujeetkv CWE-22
7.5
2024-01-13 CVE-2023-52289 Path Traversal vulnerability in Sujeetkv Flaskcode
An issue was discovered in the flaskcode package through 0.0.8 for Python.
network
low complexity
sujeetkv CWE-22
7.5
2024-01-12 CVE-2023-48166 Path Traversal vulnerability in Unify Openscape Voice 10.0
A directory traversal vulnerability in the SOAP Server integrated in Atos Unify OpenScape Voice V10 before V10R3.26.1 allows a remote attacker to view the contents of arbitrary files in the local file system.
network
low complexity
unify CWE-22
7.5
2024-01-12 CVE-2023-49801 Path Traversal vulnerability in Lifplatforms LIF Auth Server
Lif Auth Server is a server for validating logins, managing information, and account recovery for Lif Accounts.
network
low complexity
lifplatforms CWE-22
7.5
2024-01-12 CVE-2010-10011 Path Traversal vulnerability in Acritum Femitter Server 1.04
A vulnerability, which was classified as problematic, was found in Acritum Femitter Server 1.04.
network
low complexity
acritum CWE-22
7.5