Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2023-01-06 CVE-2019-25099 Path Traversal vulnerability in Afkmods Qsf-Portal
A vulnerability classified as critical was found in Arthmoor QSF-Portal.
network
low complexity
afkmods CWE-22
5.3
2023-01-05 CVE-2019-25098 Path Traversal vulnerability in Extplorer
A vulnerability was found in soerennb eXtplorer up to 2.1.12.
network
low complexity
extplorer CWE-22
critical
9.8
2023-01-05 CVE-2022-37934 Path Traversal vulnerability in multiple products
A potential security vulnerability has been identified in HPE OfficeConnect 1820, and 1850 switch series.
network
low complexity
hp hpe CWE-22
7.5
2023-01-03 CVE-2022-38723 Path Traversal vulnerability in Gravitee API Management
Gravitee API Management before 3.15.13 allows path traversal through HTML injection.
network
low complexity
gravitee CWE-22
8.6
2023-01-03 CVE-2022-45867 Path Traversal vulnerability in Mybb
MyBB before 1.8.33 allows Directory Traversal.
network
low complexity
mybb CWE-22
7.2
2023-01-03 CVE-2022-46306 Path Traversal vulnerability in Changingtec Servisign
ChangingTec ServiSign component has a path traversal vulnerability due to insufficient filtering for special characters in the DLL file path.
local
low complexity
changingtec CWE-22
7.8
2023-01-02 CVE-2014-125033 Path Traversal vulnerability in Rails-Cv-App Project Rails-Cv-App
A vulnerability was found in rails-cv-app.
network
low complexity
rails-cv-app-project CWE-22
7.5
2022-12-29 CVE-2022-38205 Path Traversal vulnerability in Esri Portal for Arcgis
In some non-default installations of Esri Portal for ArcGIS versions 10.9.1 and below, a directory traversal issue may allow a remote, unauthenticated attacker to traverse the file system and lead to the disclosure of sensitive data (not customer-published content).
network
low complexity
esri CWE-22
7.5
2022-12-29 CVE-2022-4778 Path Traversal vulnerability in Elvexys Streamx 6.02.01/6.04.34
StreamX applications from versions 6.02.01 to 6.04.34 are affected by a path traversal vulnerability that allows authenticated users to get unauthorized access to files on the server's filesystem. StreamX applications using StreamView HTML component with the public web server feature activated are affected.
network
low complexity
elvexys CWE-22
6.5
2022-12-29 CVE-2022-4779 Path Traversal vulnerability in Elvexys Streamx 6.02.01/6.04.34
StreamX applications from versions 6.02.01 to 6.04.34 are affected by a logic bug that allows to bypass the implemented authentication scheme. StreamX applications using StreamView HTML component with the public web server feature activated are affected.
network
low complexity
elvexys CWE-22
critical
9.8