Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-21 | CVE-2023-3813 | Path Traversal vulnerability in Artbees Jupiter X Core The Jupiter X Core plugin for WordPress is vulnerable to arbitrary file downloads in versions up to, and including, 2.5.0. | 7.5 |
| 2023-07-20 | CVE-2023-30200 | Path Traversal vulnerability in Advancedplugins Ultimateimagetool 2.1.02 In the module “Image: WebP, Compress, Zoom, Lazy load, Alt & More” (ultimateimagetool) in versions up to 2.1.02 from Advanced Plugins for PrestaShop, a guest can download personal informations without restriction by performing a path traversal attack. | 7.5 |
| 2023-07-20 | CVE-2023-37601 | Path Traversal vulnerability in Mobisystems Office Suite 10.9.1.42602 Office Suite Premium v10.9.1.42602 was discovered to contain a local file inclusion (LFI) vulnerability via the component /etc/hosts. | 7.5 |
| 2023-07-20 | CVE-2023-31461 | Path Traversal vulnerability in Steelseries GG 36.0.0 Attackers can exploit an open API listener on SteelSeries GG 36.0.0 to create a sub-application that will be executed automatically from a controlled location, because of a path traversal vulnerability. | 7.5 |
| 2023-07-18 | CVE-2023-2913 | Path Traversal vulnerability in Rockwellautomation Thinmanager 13.0.0/13.0.1/13.0.2 An executable used in Rockwell Automation ThinManager ThinServer can be configured to enable an API feature in the HTTPS Server Settings. | 6.5 |
| 2023-07-17 | CVE-2023-37476 | Path Traversal vulnerability in Openrefine OpenRefine is a free, open source tool for data processing. | 7.8 |
| 2023-07-17 | CVE-2023-37781 | Path Traversal vulnerability in Emqx 4.3.8 An issue in the emqx_sn plugin of EMQX v4.3.8 allows attackers to execute a directory traversal via uploading a crafted .txt file. | 6.5 |
| 2023-07-14 | CVE-2023-38337 | Path Traversal vulnerability in Rswag Project Rswag rswag before 2.10.1 allows remote attackers to read arbitrary JSON and YAML files via directory traversal, because rswag-api can expose a file that is not the OpenAPI (or Swagger) specification file of a project. | 7.5 |
| 2023-07-13 | CVE-2023-35069 | Path Traversal vulnerability in Biges Bullwark Momentum Series Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Bullwark allows Path Traversal.This issue affects Bullwark: before BLW-2016E-960H. | 7.5 |
| 2023-07-13 | CVE-2023-34135 | Path Traversal vulnerability in Sonicwall Analytics and Global Management System Path Traversal vulnerability in SonicWall GMS and Analytics allows a remote authenticated attacker to read arbitrary files from the underlying file system via web service. | 6.5 |