Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-25 | CVE-2023-31861 | Path Traversal vulnerability in Zlmediakit 4.0 ZLMediaKit 4.0 is vulnerable to Directory Traversal. | 7.5 |
| 2023-05-23 | CVE-2023-27507 | Path Traversal vulnerability in Microengine Mailform MicroEngine Mailform version 1.1.0 to 1.1.8 contains a path traversal vulnerability. | 9.8 |
| 2023-05-23 | CVE-2023-28408 | Path Traversal vulnerability in MW WP Form Project MW WP Form 4.4.2 Directory traversal vulnerability in MW WP Form versions v4.4.2 and earlier allows a remote unauthenticated attacker to alter the website or cause a denial-of-service (DoS) condition, and obtain sensitive information depending on settings. | 9.8 |
| 2023-05-23 | CVE-2023-28413 | Path Traversal vulnerability in Snow Monkey Forms Project Snow Monkey Forms 5.0.6 Directory traversal vulnerability in Snow Monkey Forms versions v5.0.6 and earlier allows a remote unauthenticated attacker to obtain sensitive information, alter the website, or cause a denial-of-service (DoS) condition. | 9.8 |
| 2023-05-23 | CVE-2020-20012 | Path Traversal vulnerability in Sudytech Webplus PRO 1.4.7.8.401 WebPlus Pro v1.4.7.8.4-01 is vulnerable to Incorrect Access Control. | 9.8 |
| 2023-05-22 | CVE-2023-27067 | Path Traversal vulnerability in Sitecore Experience Platform Directory Traversal vulnerability in Sitecore Experience Platform through 10.2 allows remote attackers to download arbitrary files via crafted command to download.aspx | 7.5 |
| 2023-05-22 | CVE-2023-27066 | Path Traversal vulnerability in Sitecore Experience Platform Directory Traversal vulnerability in Site Core Experience Platform 10.2 and earlier allows authenticated remote attackers to download arbitrary files via Urlhandle. | 6.5 |
| 2023-05-19 | CVE-2023-30199 | Path Traversal vulnerability in Webbax Customexporter 1.7.20 Prestashop customexporter <= 1.7.20 is vulnerable to Incorrect Access Control via modules/customexporter/downloads/download.php. | 7.5 |
| 2023-05-18 | CVE-2022-36327 | Path Traversal vulnerability in Westerndigital products Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could allow an attacker to write files to locations with certain critical filesystem types leading to remote code execution was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices. | 9.8 |
| 2023-05-18 | CVE-2022-36328 | Path Traversal vulnerability in Westerndigital products Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could allow an attacker to create arbitrary shares on arbitrary directories and exfiltrate sensitive files, passwords, users and device configurations was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices. | 4.9 |