Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

| Date | CVE | Vulnerability title | Description | Risk |
|---|---|---|---|---|
| 2023-03-14 | CVE-2023-27588 | Path Traversal vulnerability in Hasura Graphql Engine | Hasura is an open-source product that provides users GraphQL or REST APIs. | network, low complexity, hasura CWE-22, 7.5 |
| 2023-03-14 | CVE-2023-1398 | Path Traversal vulnerability in Teacms Project Teacms 2.0 | A vulnerability classified as critical was found in XiaoBingBy TeaCMS 2.0. | network, low complexity, teacms-project CWE-22, 8.8 |
| 2023-03-14 | CVE-2023-27500 | Path Traversal vulnerability in SAP Netweaver Application Server Abap | An attacker with non-administrative authorizations can exploit a directory traversal flaw in program SAPRSBRO to over-write system files. | network, low complexity, sap CWE-22, 8.1 |
| 2023-03-08 | CVE-2021-33353 | Path Traversal vulnerability in Wyomind Help Desk | Directory Traversal vulnerability in Wyomind Help Desk Magento 2 extension v.1.3.6 and before fixed in v.1.3.7 allows attacker to execute arbitrary code via the file attachment directory setting. | network, low complexity, wyomind CWE-22, critical, 9.8 |
| 2023-03-08 | CVE-2023-23760 | Path Traversal vulnerability in Github Enterprise Server | A path traversal vulnerability was identified in GitHub Enterprise Server that allowed remote code execution when building a GitHub Pages site. | network, low complexity, github CWE-22, 8.8 |
| 2023-03-07 | CVE-2022-41328 | Path Traversal vulnerability in Fortinet Fortios | An improper limitation of a pathname to a restricted directory vulnerability ('path traversal') [CWE-22] in Fortinet FortiOS version 7.2.0 through 7.2.3, 7.0.0 through 7.0.9 and before 6.4.11 allows a privileged attacker to read and write files on the underlying Linux system via crafted CLI commands. | local, low complexity, fortinet CWE-22, 7.1 |
| 2023-03-07 | CVE-2022-42476 | Path Traversal vulnerability in Fortinet Fortios and Fortiproxy | A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.11, FortiProxy version 7.2.0 through 7.2.2 and 7.0.0 through 7.0.8 allows privileged VDOM administrators to escalate their privileges to super admin of the box via crafted CLI requests. | local, low complexity, fortinet CWE-22, 8.2 |
| 2023-03-06 | CVE-2023-25304 | Path Traversal vulnerability in Prismlauncher Prism Launcher | An issue in Prism Launcher up to v6.1 allows attackers to perform a directory traversal via importing a crafted .mrpack file. | local, low complexity, prismlauncher CWE-22, 7.8 |
| 2023-03-06 | CVE-2023-26111 | Path Traversal vulnerability in multiple products | All versions of the package @nubosoftware/node-static; all versions of the package node-static are vulnerable to Directory Traversal due to improper file path sanitization in the startsWith() method in the servePath function. | 7.5 |
| 2023-03-06 | CVE-2023-22336 | Path Traversal vulnerability in Dos-Osaka Rakuraku PC Cloud Agent and SS1 | Path traversal vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC Cloud Agent Ver.2.1.8 and earlier allows a remote attacker to upload a specially crafted file to an arbitrary directory. | network, low complexity, dos-osaka CWE-22, critical, 9.8 |