Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-14 | CVE-2022-47027 | Path Traversal vulnerability in Timmystudios Fast Typing Keyboard 1.275.1.162 Timmystudios Fast Typing Keyboard v1.275.1.162 allows unauthorized apps to overwrite arbitrary files in its internal storage via a dictionary traversal vulnerability and achieve arbitrary code execution. | 9.8 |
| 2023-04-14 | CVE-2023-27648 | Path Traversal vulnerability in Timmystudios Change Color of Keypad 1.275.1.277 Directory Traversal vulnerability found in T-ME Studios Change Color of Keypad v.1.275.1.277 allows a remote attacker to execute arbitrary code via the dex file in the internal storage. | 9.8 |
| 2023-04-14 | CVE-2023-26969 | Path Traversal vulnerability in Atrocore Atropim 1.5.26 Atropim 1.5.26 is vulnerable to Directory Traversal. | 7.5 |
| 2023-04-13 | CVE-2023-27812 | Path Traversal vulnerability in Bloofox Bloofoxcms 0.5.2 bloofox v0.5.2 was discovered to contain an arbitrary file deletion vulnerability via the delete_file() function. | 9.1 |
| 2023-04-11 | CVE-2022-42470 | Path Traversal vulnerability in Fortinet Forticlient A relative path traversal vulnerability in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe. | 7.8 |
| 2023-04-07 | CVE-2023-29478 | Path Traversal vulnerability in Bibliocraftmod Bibliocraft BiblioCraft before 2.4.6 does not sanitize path-traversal characters in filenames, allowing restricted write access to almost anywhere on the filesystem. | 9.8 |
| 2023-04-07 | CVE-2023-26820 | Path Traversal vulnerability in Siteproxy Project Siteproxy 1.0 siteproxy v1.0 was discovered to contain a path traversal vulnerability via the component index.js. | 7.5 |
| 2023-04-06 | CVE-2020-19678 | Path Traversal vulnerability in multiple products Directory Traversal vulnerability found in Pfsense v.2.1.3 and Pfsense Suricata v.1.4.6 pkg v.1.0.1 allows a remote attacker to obtain sensitive information via the file parameter to suricata/suricata_logs_browser.php. | 7.5 |
| 2023-04-05 | CVE-2023-20129 | Path Traversal vulnerability in Cisco Prime Infrastructure Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged information and conduct cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. | 6.5 |
| 2023-04-04 | CVE-2020-19279 | Path Traversal vulnerability in Wide Project Wide Directory Traversal vulnerability found in B3log Wide allows a an attacker to escalate privileges via symbolic links. | 9.8 |