Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-01 | CVE-2023-29159 | Path Traversal vulnerability in Encode Starlette Directory traversal vulnerability in Starlette versions 0.13.5 and later and prior to 0.27.0 allows a remote unauthenticated attacker to view files in a web service which was built using Starlette. | 7.5 |
| 2023-05-31 | CVE-2023-2909 | Path Traversal vulnerability in Asustor ADM EZ Sync service fails to adequately handle user input, allowing an attacker to navigate beyond the intended directory structure and delete files. | 10.0 |
| 2023-05-31 | CVE-2023-2435 | Path Traversal vulnerability in Blog-In-Blog Project Blog-In-Blog 1.1.1 The Blog-in-Blog plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.1.1 via a shortcode attribute. | 7.2 |
| 2023-05-31 | CVE-2023-30197 | Path Traversal vulnerability in Webbax Myinventory 1.6.6 Incorrect Access Control in the module "My inventory" (myinventory) <= 1.6.6 from Webbax for PrestaShop, allows a guest to download personal information without restriction by performing a path traversal attack. | 7.5 |
| 2023-05-31 | CVE-2022-47526 | Path Traversal vulnerability in Fox-It FOX Datadiode Firmware 3.4.3 Fox-IT DataDiode (aka Fox DataDiode) 3.4.3 suffers from a path traversal vulnerability with resultant arbitrary writing of files. | 9.8 |
| 2023-05-30 | CVE-2022-36243 | Path Traversal vulnerability in Shopbeat Shop Beat Media Player 2.5.95 Shop Beat Solutions (pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Directory Traversal via server.shopbeat.co.za. | 5.3 |
| 2023-05-30 | CVE-2023-33177 | Path Traversal vulnerability in Xibosignage Xibo Xibo is a content management system (CMS). | 8.8 |
| 2023-05-30 | CVE-2023-30196 | Path Traversal vulnerability in Webbax Salesbooster 1.10.4 Prestashop salesbooster <= 1.10.4 is vulnerable to Incorrect Access Control via modules/salesbooster/downloads/download.php. | 7.5 |
| 2023-05-29 | CVE-2022-24629 | Path Traversal vulnerability in Audiocodes Device Manager Express An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. | 9.8 |
| 2023-05-29 | CVE-2022-24632 | Path Traversal vulnerability in Audiocodes Device Manager Express An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. | 5.3 |