Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2024-10-03 CVE-2024-8352 Path Traversal vulnerability in Hypestudio Social web Suite
The Social Web Suite – Social Media Auto Post, Social Media Auto Publish plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 4.1.11 via the download_log function.
network
low complexity
hypestudio CWE-22
7.5
2024-10-02 CVE-2024-46977 Path Traversal vulnerability in Openc3 Cosmos
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems.
network
low complexity
openc3 CWE-22
6.5
2024-10-02 CVE-2024-20449 Path Traversal vulnerability in Cisco Nexus Dashboard Fabric Controller
A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerability is due to improper path validation.
network
low complexity
cisco CWE-22
8.8
2024-10-01 CVE-2024-9224 Path Traversal vulnerability in Kau-Boys Hello World
The Hello World plugin for WordPress is vulnerable to Arbitrary File Reading in all versions up to, and including, 2.1.1 via the hello_world_lyric() function.
network
low complexity
kau-boys CWE-22
6.5
2024-09-27 CVE-2024-9301 Path Traversal vulnerability in Netflix E2Nest
A path traversal issue in E2Nest prior to commit 8a41948e553c89c56b14410c6ed395e9cfb9250a
network
low complexity
netflix CWE-22
7.5
2024-09-27 CVE-2024-7149 Path Traversal vulnerability in Themewinter Eventin
The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.0.8 via multiple style parameters.
network
low complexity
themewinter CWE-22
8.8
2024-09-27 CVE-2024-47292 Path Traversal vulnerability in Huawei Emui and Harmonyos
Path traversal vulnerability in the Bluetooth module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
local
low complexity
huawei CWE-22
5.5
2024-09-26 CVE-2024-47170 Path Traversal vulnerability in Agnai
Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system.
network
low complexity
agnai CWE-22
4.3
2024-09-26 CVE-2024-47171 Path Traversal vulnerability in Agnai
Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system.
network
low complexity
agnai CWE-22
4.3
2024-09-26 CVE-2024-8704 Path Traversal vulnerability in Advancedfilemanager Advanced File Manager
The Advanced File Manager plugin for WordPress is vulnerable to Local JavaScript File Inclusion in all versions up to, and including, 5.2.8 via the 'fma_locale' parameter.
network
low complexity
advancedfilemanager CWE-22
7.2