Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-17 | CVE-2022-39178 | Path Traversal vulnerability in Webvendome Project Webvendome 1.0 Webvendome - webvendome Internal Server IP Disclosure. Send GET Request to the request which is shown in the picture. Internal Server IP and Full path disclosure. | 5.3 |
| 2022-11-17 | CVE-2022-42892 | Path Traversal vulnerability in Siemens Syngo Dynamics Cardiovascular Imaging and Information System A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). | 5.3 |
| 2022-11-16 | CVE-2022-44006 | Path Traversal vulnerability in Backclick 5.9.63 An issue was discovered in BACKCLICK Professional 5.9.63. | 9.8 |
| 2022-11-16 | CVE-2022-44008 | Path Traversal vulnerability in Backclick 5.9.63 An issue was discovered in BACKCLICK Professional 5.9.63. | 6.5 |
| 2022-11-16 | CVE-2022-43264 | Path Traversal vulnerability in Guitar-Pro Guitar PRO Arobas Music Guitar Pro for iPad and iPhone before v1.10.2 allows attackers to perform directory traversal and download arbitrary files via a crafted web request. | 7.5 |
| 2022-11-15 | CVE-2022-45381 | Path Traversal vulnerability in Jenkins Pipeline Utility Steps 2.13.1 Jenkins Pipeline Utility Steps Plugin 2.13.1 and earlier does not restrict the set of enabled prefix interpolators and bundles versions of Apache Commons Configuration library that enable the 'file:' prefix interpolator by default, allowing attackers able to configure Pipelines to read arbitrary files from the Jenkins controller file system. | 8.1 |
| 2022-11-15 | CVE-2022-42123 | Path Traversal vulnerability in Liferay Digital Experience Platform and Liferay Portal A Zip slip vulnerability in the Elasticsearch Connector in Liferay Portal 7.3.3 through 7.4.3.18, and Liferay DXP 7.3 before update 6, and 7.4 before update 19 allows attackers to create or overwrite existing files on the filesystem via the installation of a malicious Elasticsearch Sidecar plugin. | 7.5 |
| 2022-11-15 | CVE-2022-42125 | Path Traversal vulnerability in Liferay Digital Experience Platform and Liferay Portal Zip slip vulnerability in FileUtil.unzip in Liferay Portal 7.4.3.5 through 7.4.3.35 and Liferay DXP 7.4 update 1 through update 34 allows attackers to create or overwrite existing files on the filesystem via the deployment of a malicious plugin/module. | 7.5 |
| 2022-11-15 | CVE-2022-42977 | Path Traversal vulnerability in Atlassian Confluence Data Center The Netic User Export add-on before 1.3.5 for Atlassian Confluence has the functionality to generate a list of users in the application, and export it. | 7.5 |
| 2022-11-14 | CVE-2022-45184 | Path Traversal vulnerability in Ironmansoftware Powershell Universal The Web Server in Ironman Software PowerShell Universal v3.x and v2.x allows for directory traversal outside of the configuration directory, which allows a remote attacker with administrator privilege to create, delete, update, and display files outside of the configuration directory via a crafted HTTP request to particular endpoints in the web server. | 7.2 |