Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE | CVE | VULNERABILITY TITLE | RISK

2023-03-27 | CVE-2023-1142 | Path Traversal vulnerability in Deltaww Infrasuite Device Master 00.00.01A/00.00.02A | critical 9.8
In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use URL decoding to retrieve system files, credentials, and bypass authentication resulting in privilege escalation.
network | low complexity | deltaww | CWE-22

2023-03-27 | CVE-2022-32199 | Path Traversal vulnerability in Scriptcase | 6.5
db_convert.php in ScriptCase through 9.9.008 is vulnerable to Arbitrary File Deletion by an admin via a directory traversal sequence in the file parameter.
network | low complexity | scriptcase | CWE-22

2023-03-26 | CVE-2023-26802 | Path Traversal vulnerability in Dcnglobal Dcbi-Netlog-Lab Firmware 1.0 | critical 9.8
An issue in the component /network_config/nsg_masq.cgi of DCN (Digital China Networks) DCBI-Netlog-LAB v1.0 allows attackers to bypass authentication and execute arbitrary commands via a crafted request.
network | low complexity | dcnglobal | CWE-22

2023-03-24 | CVE-2023-27055 | Path Traversal vulnerability in Aver Ptzapp 2 | 7.5
Aver Information Inc PTZApp2 v20.01044.48 allows attackers to access sensitive files via a crafted GET request.
network | low complexity | aver | CWE-22

2023-03-23 | CVE-2023-20066 | Path Traversal vulnerability in Cisco IOS XE 16.12.3/17.3.2/17.6.2 | 6.5
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform a directory traversal and access resources that are outside the filesystem mountpoint of the web UI.
network | low complexity | cisco | CWE-22

2023-03-22 | CVE-2023-27855 | Path Traversal vulnerability in Rockwellautomation Thinmanager | critical 9.8
In affected versions, a path traversal exists when processing a message in Rockwell Automation's ThinManager ThinServer.
network | low complexity | rockwellautomation | CWE-22

2023-03-22 | CVE-2023-27856 | Path Traversal vulnerability in Rockwellautomation Thinmanager | 7.5
In affected versions, path traversal exists when processing a message of type 8 in Rockwell Automation's ThinManager ThinServer.
network | low complexity | rockwellautomation | CWE-22

2023-03-16 | CVE-2023-21456 | Path Traversal vulnerability in Samsung Android 11.0/12.0/13.0 | 5.5
Path traversal vulnerability in Galaxy Themes Service prior to SMR Mar-2023 Release 1 allows attacker to access arbitrary file with system uid.
local | low complexity | samsung | CWE-22

2023-03-15 | CVE-2023-25345 | Path Traversal vulnerability in multiple products | 7.5
Directory traversal vulnerability in swig-templates thru 2.0.4 and swig thru 1.4.2, allows attackers to read arbitrary files via the include or extends tags.
network | low complexity | swig-templates-project swig-project | CWE-22

2023-03-15 | CVE-2023-28371 | Path Traversal vulnerability in Stellarium | critical 9.8
In Stellarium through 1.2, attackers can write to files that are typically unintended, such as ones with absolute pathnames or ..
network | low complexity | stellarium | CWE-22