Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-19 | CVE-2023-35844 | Path Traversal vulnerability in Lightdash packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. | 7.5 |
| 2023-06-19 | CVE-2023-35840 | Path Traversal vulnerability in Std42 Elfinder _joinPath in elFinderVolumeLocalFileSystem.class.php in elFinder before 2.1.62 allows path traversal in the PHP LocalVolumeDriver connector. | 6.5 |
| 2023-06-16 | CVE-2023-25186 | Path Traversal vulnerability in Nokia Asika Airscale Firmware An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. | 2.8 |
| 2023-06-15 | CVE-2023-34880 | Path Traversal vulnerability in Cmseasy 7.7.7.7 cmseasy v7.7.7.7 20230520 was discovered to contain a path traversal vulnerability via the add_action method at lib/admin/language_admin.php. | 9.8 |
| 2023-06-15 | CVE-2023-2270 | Path Traversal vulnerability in Netskope The Netskope client service running with NT\SYSTEM privileges accepts network connections from localhost to start various services and execute commands. | 7.8 |
| 2023-06-14 | CVE-2023-34865 | Path Traversal vulnerability in Ujcms 6.0.2 Directory traversal vulnerability in ujcms 6.0.2 allows attackers to move files via the rename feature. | 9.8 |
| 2023-06-14 | CVE-2023-3241 | Path Traversal vulnerability in Otcms A vulnerability was found in OTCMS up to 6.62 and classified as problematic. | 7.5 |
| 2023-06-13 | CVE-2022-42474 | Path Traversal vulnerability in Fortinet Fortiproxy and Fortiswitchmanager A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.12, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiSwitchManager version 7.2.0 through 7.2.1 and before 7.0.1 allows an privileged attacker to delete arbitrary directories from the filesystem through crafted HTTP requests. | 2.7 |
| 2023-06-12 | CVE-2023-34342 | Path Traversal vulnerability in AMI Megarac Sp-X AMI BMC contains a vulnerability in the IPMI handler, where an attacker can upload and download arbitrary files under certain circumstances, which may lead to denial of service, escalation of privileges, information disclosure, or data tampering. | 9.1 |
| 2023-06-12 | CVE-2023-30198 | Path Traversal vulnerability in Webbax Winbizpayment 1.0.2 Prestashop winbizpayment <= 1.0.2 is vulnerable to Incorrect Access Control via modules/winbizpayment/downloads/download.php. | 7.5 |