Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-22 | CVE-2023-22973 | Path Traversal vulnerability in Open-Emr Openemr A Local File Inclusion (LFI) vulnerability in interface/forms/LBF/new.php in OpenEMR < 7.0.0 allows remote authenticated users to execute code via the formname parameter. | 8.8 |
| 2023-02-22 | CVE-2023-25579 | Path Traversal vulnerability in Nextcloud Server Nextcloud server is a self hosted home cloud product. | 7.5 |
| 2023-02-22 | CVE-2022-41216 | Path Traversal vulnerability in Hybridsoftware Cloudflow 2.0.0/2.3.1 Local File Inclusion vulnerability within Cloudflow allows attackers to retrieve confidential information from the system. | 6.5 |
| 2023-02-22 | CVE-2023-23063 | Path Traversal vulnerability in Cellinx NVT web Server 1.0.6.002B Cellinx NVT v1.0.6.002b was discovered to contain a local file disclosure vulnerability via the component /cgi-bin/GetFileContent.cgi. | 7.5 |
| 2023-02-21 | CVE-2023-26265 | Path Traversal vulnerability in Borg Project Borg The Borg theme before 1.1.19 for Backdrop CMS does not sufficiently sanitize path arguments that are passed in via a URL. | 5.3 |
| 2023-02-16 | CVE-2022-44299 | Path Traversal vulnerability in Sscms Siteserver CMS 7.1.3 SiteServerCMS 7.1.3 sscms has a file read vulnerability. | 4.9 |
| 2023-02-16 | CVE-2023-22380 | Path Traversal vulnerability in Github Enterprise Server A path traversal vulnerability was identified in GitHub Enterprise Server that allowed arbitrary file reading when building a GitHub Pages site. | 6.5 |
| 2023-02-16 | CVE-2022-33892 | Path Traversal vulnerability in Intel Quartus Prime Path traversal in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-02-16 | CVE-2022-30299 | Path Traversal vulnerability in Fortinet Fortiweb A path traversal vulnerability [CWE-23] in the API of FortiWeb 7.0.0 through 7.0.1, 6.3.0 through 6.3.19, 6.4 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions may allow an authenticated attacker to retrieve specific parts of files from the underlying file system via specially crafted web requests. | 4.3 |
| 2023-02-16 | CVE-2022-30300 | Path Traversal vulnerability in Fortinet Fortiweb A relative path traversal vulnerability [CWE-23] in FortiWeb 7.0.0 through 7.0.1, 6.3.6 through 6.3.18, 6.4 all versions may allow an authenticated attacker to obtain unauthorized access to files and data via specifically crafted HTTP GET requests. | 6.5 |