Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-29 | CVE-2022-4031 | Path Traversal vulnerability in Simple-Press Simple:Press The Simple:Press plugin for WordPress is vulnerable to arbitrary file modifications in versions up to, and including, 6.8 via the 'file' parameter which does not properly restrict files to be edited in the context of the plugin. | 4.9 |
| 2022-11-29 | CVE-2022-25848 | Path Traversal vulnerability in Static-Dev-Server Project Static-Dev-Server 1.0.0 This affects all versions of package static-dev-server. | 7.5 |
| 2022-11-28 | CVE-2022-45921 | Path Traversal vulnerability in Fusionauth FusionAuth before 1.41.3 allows a file outside of the application root to be viewed or retrieved using an HTTP request. | 7.5 |
| 2022-11-25 | CVE-2022-41158 | Path Traversal vulnerability in Eyoom Builder Remote code execution vulnerability can be achieved by using cookie values as paths to a file by this builder program. | 9.8 |
| 2022-11-25 | CVE-2022-41712 | Path Traversal vulnerability in Frappe 14.10.0 Frappe version 14.10.0 allows an external attacker to remotely obtain arbitrary local files. | 6.5 |
| 2022-11-24 | CVE-2022-44748 | Path Traversal vulnerability in Knime Server 4.12.5/4.13.3/4.13.4 A directory traversal vulnerability in the ZIP archive extraction routines of KNIME Server since 4.3.0 can result in arbitrary files being overwritten on the server's file system. | 7.5 |
| 2022-11-24 | CVE-2022-44749 | Path Traversal vulnerability in Knime Analytics Platform A directory traversal vulnerability in the ZIP archive extraction routines of KNIME Analytics Platform 3.2.0 and above can result in arbitrary files being overwritten on the user's system. | 7.0 |
| 2022-11-23 | CVE-2022-45866 | Path Traversal vulnerability in multiple products qpress before PierreLvx/qpress 20220819 and before version 11.3, as used in Percona XtraBackup and other products, allows directory traversal via ../ in a .qp file. | 5.3 |
| 2022-11-23 | CVE-2022-44280 | Path Traversal vulnerability in Automotive Shop Management System Project Automotive Shop Management System 1.0 Automotive Shop Management System v1.0 is vulnerable to Delete any file via /asms/classes/Master.php?f=delete_img. | 6.5 |
| 2022-11-18 | CVE-2022-41840 | Path Traversal vulnerability in Collne Welcart E-Commerce Unauth. | 9.8 |