Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2024-09-25 | CVE-2024-8941 | Path Traversal vulnerability in Scriptcase 9.4.019 | Path traversal vulnerability in Scriptcase version 9.4.019, in /scriptcase/devel/compat/nm_edit_php_edit.php (in the “subpage” parameter), which allows unauthenticated remote users to bypass SecurityManager's intended restrictions and list and/or read a parent directory via a “/...” or directly into a path used in the POST parameter “field_file” by a web application. | 5.3 |
2024-09-24 | CVE-2024-8671 | Path Traversal vulnerability in Exthemes Wooevents | The WooEvents - Calendar and Event Booking plugin for WordPress is vulnerable to arbitrary file overwrite due to insufficient file path validation in the inc/barcode.php file in all versions up to, and including, 4.1.2. | 9.1 |
2024-09-21 | CVE-2024-6786 | Path Traversal vulnerability in Moxa Mxview ONE | The vulnerability allows an attacker to craft MQTT messages that include relative path traversal sequences, enabling them to read arbitrary files on the system. | 6.5 |
2024-09-20 | CVE-2024-9032 | Path Traversal vulnerability in Oretnom23 Simple Forum/Discussion System 1.0 | A vulnerability, which was classified as critical, was found in SourceCodester Simple Forum-Discussion System 1.0. | 8.8 |
2024-09-19 | CVE-2024-33109 | Path Traversal vulnerability in multiple products | Directory Traversal in the web interface of the Tiptel IP 286 with firmware version 2.61.13.10 allows attackers to overwrite arbitrary files on the phone via the Ringtone upload function. | 9.8 |
2024-09-19 | CVE-2024-8963 | Path Traversal vulnerability in Ivanti Endpoint Manager Cloud Services Appliance 4.6 | Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality. | 9.1 |
2024-09-18 | CVE-2024-46986 | Path Traversal vulnerability in Tuzitio Camaleon CMS | Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. | 9.9 |
2024-09-18 | CVE-2024-46987 | Path Traversal vulnerability in Tuzitio Camaleon CMS | Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. | 7.7 |
2024-09-17 | CVE-2024-45816 | Path Traversal vulnerability in Backstage | Backstage is an open framework for building developer portals. | 6.5 |
2024-09-17 | CVE-2024-45604 | Path Traversal vulnerability in Contao | Contao is an Open Source CMS. | 4.3 |