Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-04 | CVE-2023-25303 | Path Traversal vulnerability in Atlauncher ATLauncher <= 3.4.26.0 is vulnerable to Directory Traversal. | 7.1 |
| 2023-04-04 | CVE-2023-25305 | Path Traversal vulnerability in Polymc PolyMC Launcher <= 1.4.3 is vulnerable to Directory Traversal. | 7.1 |
| 2023-04-03 | CVE-2022-43771 | Path Traversal vulnerability in Hitachi Vantara Pentaho Business Analytics Server Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.0 and 9.3.0.1, including 8.3.x, using the Pentaho Data Access plugin exposes a service endpoint for CSV import which allows a user supplied path to access resources that are out of bounds. | 6.5 |
| 2023-03-30 | CVE-2023-27534 | Path Traversal vulnerability in multiple products A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. | 8.8 |
| 2023-03-30 | CVE-2023-28732 | Path Traversal vulnerability in Acymailing Missing access control in AnyMailing Joomla Plugin allows to list and access files containing sensitive information from the plugin itself and access to system files via path traversal, when being granted access to the campaign's creation on front-office. | 7.5 |
| 2023-03-28 | CVE-2023-27700 | Path Traversal vulnerability in Muyucms Project Muyucms 2.2 MuYuCMS v2.2 was discovered to contain an arbitrary file deletion vulnerability via the component /accessory/picdel.html. | 8.1 |
| 2023-03-27 | CVE-2022-48361 | Path Traversal vulnerability in Huawei Emui and Harmonyos The Always On Display (AOD) has a path traversal vulnerability in theme files. | 5.3 |
| 2023-03-27 | CVE-2023-0241 | Path Traversal vulnerability in Postgresql Pgadmin 4 pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. | 6.5 |
| 2023-03-27 | CVE-2023-0467 | Path Traversal vulnerability in Wppool WP Dark Mode The WP Dark Mode WordPress plugin before 4.0.8 does not properly sanitize the style parameter in shortcodes before using it to load a PHP template. | 4.3 |
| 2023-03-27 | CVE-2023-1134 | Path Traversal vulnerability in Deltaww Infrasuite Device Master 00.00.01A/00.00.02A Delta Electronics InfraSuite Device Master versions prior to 1.0.5 are affected by a path traversal vulnerability, which could allow an attacker to read local files, disclose plaintext credentials, and escalate privileges. | 8.8 |