Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-07-27 | CVE-2020-22623 | Path Traversal vulnerability in Insightsoftware Jreport 15.6 Directory traversal vulnerability in Jinfornet Jreport 15.6 allows unauthenticated attackers to gain sensitive information. | 7.5 |
2023-07-25 | CVE-2022-31457 | Path Traversal vulnerability in RTX Trap Project RTX Trap 1.0 RTX TRAP v1.0 allows attackers to perform a directory traversal via a crafted request sent to the endpoint /data/. | 7.5 |
2023-07-25 | CVE-2022-46898 | Path Traversal vulnerability in Vocera Report Server and Voice Server An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. | 9.8 |
2023-07-25 | CVE-2022-46900 | Path Traversal vulnerability in Vocera Report Server and Voice Server An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. | 6.5 |
2023-07-25 | CVE-2022-46902 | Path Traversal vulnerability in Vocera Report Server and Voice Server An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. | 7.5 |
2023-07-25 | CVE-2023-33777 | Path Traversal vulnerability in Prestashop Amazon An issue in /functions/fbaorder.php of Prestashop amazon before v5.2.24 allows attackers to execute a directory traversal attack. | 5.3 |
2023-07-22 | CVE-2023-38633 | Path Traversal vulnerability in multiple products A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element. | 5.5 |
2023-07-20 | CVE-2023-30200 | Path Traversal vulnerability in Advancedplugins Ultimateimagetool 2.1.02 In the module “Image: WebP, Compress, Zoom, Lazy load, Alt & More” (ultimateimagetool) in versions up to 2.1.02 from Advanced Plugins for PrestaShop, a guest can download personal informations without restriction by performing a path traversal attack. | 7.5 |
2023-07-20 | CVE-2023-37601 | Path Traversal vulnerability in Mobisystems Office Suite 10.9.1.42602 Office Suite Premium v10.9.1.42602 was discovered to contain a local file inclusion (LFI) vulnerability via the component /etc/hosts. | 7.5 |
2023-07-20 | CVE-2023-31461 | Path Traversal vulnerability in Steelseries GG 36.0.0 Attackers can exploit an open API listener on SteelSeries GG 36.0.0 to create a sub-application that will be executed automatically from a controlled location, because of a path traversal vulnerability. | 7.5 |