Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-01 | CVE-2022-45783 | Path Traversal vulnerability in Dotcms An issue was discovered in dotCMS core 4.x through 22.10.2. | 6.5 |
| 2023-02-01 | CVE-2023-23136 | Path Traversal vulnerability in Lmxcms 1.41 lmxcms v1.41 was discovered to contain an arbitrary file deletion vulnerability via BackdbAction.class.php. | 6.5 |
| 2023-02-01 | CVE-2023-0454 | Path Traversal vulnerability in Orangescrum 2.0.11 OrangeScrum version 2.0.11 allows an authenticated external attacker to delete arbitrary local files from the server. | 8.1 |
| 2023-02-01 | CVE-2022-47768 | Path Traversal vulnerability in Serinf Fast Checkin 1.0 Serenissima Informatica Fast Checkin 1.0 is vulnerable to Directory Traversal. | 7.5 |
| 2023-01-31 | CVE-2022-46835 | Path Traversal vulnerability in Sailpoint Identityiq IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p2, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p5, IdentityIQ 8.1 and all 8.1 patch levels prior to 8.1p7, IdentityIQ 8.0 and all 8.0 patch levels prior to 8.0p6 allow access to arbitrary files in the application server filesystem due to a path traversal vulnerability in JavaServer Faces (JSF) 2.2.20 documented in CVE-2020-6950. | 7.5 |
| 2023-01-31 | CVE-2023-0591 | Path Traversal vulnerability in UBI Reader Project UBI Reader ubireader_extract_files is vulnerable to path traversal when run against specifically crafted UBIFS files, allowing the attacker to overwrite files outside of the extraction directory (provided the process has write access to that file or directory). This is due to the fact that a node name (dent_node.name) is considered trusted and joined to the extraction directory path during processing, then the node content is written to that joined path. | 5.5 |
| 2023-01-31 | CVE-2023-0592 | Path Traversal vulnerability in Jefferson Project Jefferson 0.3/0.4 A path traversal vulnerability affects jefferson's JFFS2 filesystem extractor. | 5.5 |
| 2023-01-31 | CVE-2023-0593 | Path Traversal vulnerability in Yaffshiv Project Yaffshiv 0.1 A path traversal vulnerability affects yaffshiv YAFFS filesystem extractor. | 5.5 |
| 2023-01-31 | CVE-2022-39059 | Path Traversal vulnerability in Changingtec Megaservisignadapter 1.0.17.0823 ChangingTech MegaServiSignAdapter component has a path traversal vulnerability within its file reading function. | 7.5 |
| 2023-01-30 | CVE-2022-22731 | Path Traversal vulnerability in Schneider-Electric Ecostruxure Power Commission A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in a function that could allow an attacker to create or overwrite critical files that are used to execute code, such as programs or libraries and cause path traversal attacks. | 9.8 |