Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-15 | CVE-2023-34880 | Path Traversal vulnerability in Cmseasy 7.7.7.7 cmseasy v7.7.7.7 20230520 was discovered to contain a path traversal vulnerability via the add_action method at lib/admin/language_admin.php. | 9.8 |
| 2023-06-15 | CVE-2023-2270 | Path Traversal vulnerability in Netskope The Netskope client service running with NT\SYSTEM privileges accepts network connections from localhost to start various services and execute commands. | 7.8 |
| 2023-06-14 | CVE-2023-34865 | Path Traversal vulnerability in Ujcms 6.0.2 Directory traversal vulnerability in ujcms 6.0.2 allows attackers to move files via the rename feature. | 9.8 |
| 2023-06-14 | CVE-2023-3241 | Path Traversal vulnerability in Otcms A vulnerability was found in OTCMS up to 6.62 and classified as problematic. | 7.5 |
| 2023-06-13 | CVE-2022-42474 | Path Traversal vulnerability in Fortinet Fortiproxy and Fortiswitchmanager A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.12, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiSwitchManager version 7.2.0 through 7.2.1 and before 7.0.1 allows an privileged attacker to delete arbitrary directories from the filesystem through crafted HTTP requests. | 2.7 |
| 2023-06-12 | CVE-2023-34342 | Path Traversal vulnerability in AMI Megarac Sp-X AMI BMC contains a vulnerability in the IPMI handler, where an attacker can upload and download arbitrary files under certain circumstances, which may lead to denial of service, escalation of privileges, information disclosure, or data tampering. | 9.1 |
| 2023-06-12 | CVE-2023-30198 | Path Traversal vulnerability in Webbax Winbizpayment 1.0.2 Prestashop winbizpayment <= 1.0.2 is vulnerable to Incorrect Access Control via modules/winbizpayment/downloads/download.php. | 7.5 |
| 2023-06-12 | CVE-2023-34345 | Path Traversal vulnerability in AMI Megarac Sp-X AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can access arbitrary files, which may lead to information disclosure. | 6.5 |
| 2023-06-06 | CVE-2023-34409 | Path Traversal vulnerability in Percona Monitoring and Management 2.0.0/2.2.0/2.2.1 In Percona Monitoring and Management (PMM) server 2.x before 2.37.1, the authenticate function in auth_server.go does not properly formalize and sanitize URL paths to reject path traversal attempts. | 9.8 |
| 2023-06-06 | CVE-2023-33747 | Path Traversal vulnerability in Mgt-Commerce Cloudpanel CloudPanel v2.2.2 allows attackers to execute a path traversal. | 7.8 |