Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-06 | CVE-2019-25099 | Path Traversal vulnerability in Afkmods Qsf-Portal A vulnerability classified as critical was found in Arthmoor QSF-Portal. | 5.3 |
2023-01-05 | CVE-2019-25098 | Path Traversal vulnerability in Extplorer A vulnerability was found in soerennb eXtplorer up to 2.1.12. | 9.8 |
2023-01-05 | CVE-2022-37934 | Path Traversal vulnerability in multiple products A potential security vulnerability has been identified in HPE OfficeConnect 1820, and 1850 switch series. | 7.5 |
2023-01-03 | CVE-2022-38723 | Path Traversal vulnerability in Gravitee API Management Gravitee API Management before 3.15.13 allows path traversal through HTML injection. | 8.6 |
2023-01-03 | CVE-2022-45867 | Path Traversal vulnerability in Mybb MyBB before 1.8.33 allows Directory Traversal. | 7.2 |
2023-01-03 | CVE-2022-46306 | Path Traversal vulnerability in Changingtec Servisign ChangingTec ServiSign component has a path traversal vulnerability due to insufficient filtering for special characters in the DLL file path. | 7.8 |
2023-01-02 | CVE-2014-125033 | Path Traversal vulnerability in Rails-Cv-App Project Rails-Cv-App A vulnerability was found in rails-cv-app. | 7.5 |
2022-12-29 | CVE-2022-38205 | Path Traversal vulnerability in Esri Portal for Arcgis In some non-default installations of Esri Portal for ArcGIS versions 10.9.1 and below, a directory traversal issue may allow a remote, unauthenticated attacker to traverse the file system and lead to the disclosure of sensitive data (not customer-published content). | 7.5 |
2022-12-29 | CVE-2022-4778 | Path Traversal vulnerability in Elvexys Streamx 6.02.01/6.04.34 StreamX applications from versions 6.02.01 to 6.04.34 are affected by a path traversal vulnerability that allows authenticated users to get unauthorized access to files on the server's filesystem. StreamX applications using StreamView HTML component with the public web server feature activated are affected. | 6.5 |
2022-12-29 | CVE-2022-4779 | Path Traversal vulnerability in Elvexys Streamx 6.02.01/6.04.34 StreamX applications from versions 6.02.01 to 6.04.34 are affected by a logic bug that allows to bypass the implemented authentication scheme. StreamX applications using StreamView HTML component with the public web server feature activated are affected. | 9.8 |