Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-13 | CVE-2022-25937 | Path Traversal vulnerability in Glance Project Glance Versions of the package glance before 3.0.9 are vulnerable to Directory Traversal that allows users to read files outside the public root directory. | 6.5 |
| 2023-02-13 | CVE-2022-48323 | Path Traversal vulnerability in Sunlogin Sunflower 1.0.1.43315 Sunlogin Sunflower Simplified (aka Sunflower Simple and Personal) 1.0.1.43315 is vulnerable to a path traversal issue. | 9.8 |
| 2023-02-09 | CVE-2023-24689 | Path Traversal vulnerability in Mojoportal 2.7.0.0 An issue in Mojoportal v2.7.0.0 and below allows an authenticated attacker to list all css files inside the root path of the webserver via manipulation of the "s" parameter in /DesignTools/ManageSkin.aspx | 4.3 |
| 2023-02-09 | CVE-2023-21448 | Path Traversal vulnerability in Samsung Cloud 4.7.0.3/5.1.0.8/5.2.00.7 Path traversal vulnerability in Samsung Cloud prior to version 5.3.0.32 allows attacker to access specific png file. | 3.3 |
| 2023-02-09 | CVE-2023-0745 | Path Traversal vulnerability in Yugabyte Yugabytedb Managed The High Availability functionality of Yugabyte Anywhere can be abused to write arbitrary files through the backup upload endpoint by using path traversal characters. This vulnerability is associated with program files PlatformReplicationManager.Java. This issue affects YugabyteDB Anywhere: from 2.0.0.0 through 2.13.0.0 | 9.8 |
| 2023-02-07 | CVE-2021-36471 | Path Traversal vulnerability in Adminlte.Io Adminlte 3.1.0 Directory Traversal vulnerability in AdminLTE 3.1.0 allows remote attackers to gain escalated privilege and view sensitive information via /admin/index2.html, /admin/index3.html URIs. | 9.8 |
| 2023-02-03 | CVE-2022-47762 | Path Traversal vulnerability in Gin-Vue-Admin Project Gin-Vue-Admin In gin-vue-admin < 2.5.5, the download module has a Path Traversal vulnerability. | 7.5 |
| 2023-02-03 | CVE-2021-36425 | Path Traversal vulnerability in PHPwcms Directory traversal vulnerability in phpcms 1.9.25 allows remote attackers to delete arbitrary files via unfiltered $file parameter to unlink method in include/inc_act/act_ftptakeover.php file. | 5.4 |
| 2023-02-03 | CVE-2021-37317 | Path Traversal vulnerability in Asus Rt-Ac68U Firmware Directory Traversal vulnerability in Cloud Disk in ASUS RT-AC68U router firmware version before 3.0.0.4.386.41634 allows remote attackers to write arbitrary files via improper sanitation on the target for COPY and MOVE operations. | 9.1 |
| 2023-02-02 | CVE-2022-3560 | Path Traversal vulnerability in multiple products A flaw was found in pesign. | 5.5 |