Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-16 | CVE-2022-34126 | Path Traversal vulnerability in Glpi-Project Activity The Activity plugin before 3.1.1 for GLPI allows reading local files via directory traversal in the front/cra.send.php file parameter. | 7.5 |
| 2023-04-16 | CVE-2022-34127 | Path Traversal vulnerability in Glpi-Project Manageentities The Managentities plugin before 4.0.2 for GLPI allows reading local files via directory traversal in the inc/cri.class.php file parameter. | 7.5 |
| 2023-04-14 | CVE-2023-26559 | Path Traversal vulnerability in Sync Oxygen Content Fusion and Oxygen XML web Author A directory traversal vulnerability in Oxygen XML Web Author before 25.0.0.3 build 2023021715 and Oxygen Content Fusion before 5.0.3 build 2023022015 allows an attacker to read files from a WEB-INF directory via a crafted HTTP request. | 5.3 |
| 2023-04-14 | CVE-2022-47027 | Path Traversal vulnerability in Timmystudios Fast Typing Keyboard 1.275.1.162 Timmystudios Fast Typing Keyboard v1.275.1.162 allows unauthorized apps to overwrite arbitrary files in its internal storage via a dictionary traversal vulnerability and achieve arbitrary code execution. | 9.8 |
| 2023-04-14 | CVE-2023-27648 | Path Traversal vulnerability in Timmystudios Change Color of Keypad 1.275.1.277 Directory Traversal vulnerability found in T-ME Studios Change Color of Keypad v.1.275.1.277 allows a remote attacker to execute arbitrary code via the dex file in the internal storage. | 9.8 |
| 2023-04-14 | CVE-2023-26969 | Path Traversal vulnerability in Atrocore Atropim 1.5.26 Atropim 1.5.26 is vulnerable to Directory Traversal. | 7.5 |
| 2023-04-13 | CVE-2023-27812 | Path Traversal vulnerability in Bloofox Bloofoxcms 0.5.2 bloofox v0.5.2 was discovered to contain an arbitrary file deletion vulnerability via the delete_file() function. | 9.1 |
| 2023-04-11 | CVE-2022-42470 | Path Traversal vulnerability in Fortinet Forticlient A relative path traversal vulnerability in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attacker to execute unauthorized code or commands via sending a crafted request to a specific named pipe. | 7.8 |
| 2023-04-07 | CVE-2023-29478 | Path Traversal vulnerability in Bibliocraftmod Bibliocraft BiblioCraft before 2.4.6 does not sanitize path-traversal characters in filenames, allowing restricted write access to almost anywhere on the filesystem. | 9.8 |
| 2023-04-07 | CVE-2023-26820 | Path Traversal vulnerability in Siteproxy Project Siteproxy 1.0 siteproxy v1.0 was discovered to contain a path traversal vulnerability via the component index.js. | 7.5 |