Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2023-07-27 CVE-2020-22623 Path Traversal vulnerability in Insightsoftware Jreport 15.6
Directory traversal vulnerability in Jinfornet Jreport 15.6 allows unauthenticated attackers to gain sensitive information.
network
low complexity
insightsoftware CWE-22
7.5
2023-07-25 CVE-2022-31457 Path Traversal vulnerability in RTX Trap Project RTX Trap 1.0
RTX TRAP v1.0 allows attackers to perform a directory traversal via a crafted request sent to the endpoint /data/.
network
low complexity
rtx-trap-project CWE-22
7.5
2023-07-25 CVE-2022-46898 Path Traversal vulnerability in Vocera Report Server and Voice Server
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8.
network
low complexity
vocera CWE-22
critical
9.8
2023-07-25 CVE-2022-46900 Path Traversal vulnerability in Vocera Report Server and Voice Server
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8.
network
low complexity
vocera CWE-22
6.5
2023-07-25 CVE-2022-46902 Path Traversal vulnerability in Vocera Report Server and Voice Server
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8.
network
low complexity
vocera CWE-22
7.5
2023-07-25 CVE-2023-33777 Path Traversal vulnerability in Prestashop Amazon
An issue in /functions/fbaorder.php of Prestashop amazon before v5.2.24 allows attackers to execute a directory traversal attack.
network
low complexity
prestashop CWE-22
5.3
2023-07-22 CVE-2023-38633 Path Traversal vulnerability in multiple products
A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element.
local
low complexity
gnome fedoraproject debian CWE-22
5.5
2023-07-20 CVE-2023-30200 Path Traversal vulnerability in Advancedplugins Ultimateimagetool 2.1.02
In the module “Image: WebP, Compress, Zoom, Lazy load, Alt & More” (ultimateimagetool) in versions up to 2.1.02 from Advanced Plugins for PrestaShop, a guest can download personal informations without restriction by performing a path traversal attack.
network
low complexity
advancedplugins CWE-22
7.5
2023-07-20 CVE-2023-37601 Path Traversal vulnerability in Mobisystems Office Suite 10.9.1.42602
Office Suite Premium v10.9.1.42602 was discovered to contain a local file inclusion (LFI) vulnerability via the component /etc/hosts.
network
low complexity
mobisystems CWE-22
7.5
2023-07-20 CVE-2023-31461 Path Traversal vulnerability in Steelseries GG 36.0.0
Attackers can exploit an open API listener on SteelSeries GG 36.0.0 to create a sub-application that will be executed automatically from a controlled location, because of a path traversal vulnerability.
network
high complexity
steelseries CWE-22
7.5