Vulnerabilities > Relative Path Traversal

DATE CVE VULNERABILITY TITLE RISK
2024-07-01 CVE-2024-3122 CHANGING Mobile One Time Password does not properly filter parameters for the file download functionality, allowing remote attackers with administrator privilege to read arbitrary file on the system.
network
low complexity
CWE-23
4.9
2024-01-19 CVE-2024-22421 Relative Path Traversal vulnerability in multiple products
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture.
network
low complexity
jupyter fedoraproject CWE-23
6.5
2023-12-13 CVE-2023-6722 Relative Path Traversal vulnerability in Europeana Repox 2.3.7
A path traversal vulnerability has been detected in Repox, which allows an attacker to read arbitrary files on the running server, resulting in a disclosure of sensitive information.
network
low complexity
europeana CWE-23
7.5
2023-11-14 CVE-2023-42783 Relative Path Traversal vulnerability in Fortinet Fortiwlm
A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 and 8.4.2 through 8.4.0 and 8.3.2 through 8.3.0 and 8.2.2 allows attacker to read arbitrary files via crafted http requests.
network
low complexity
fortinet CWE-23
7.5
2023-09-21 CVE-2023-42456 Relative Path Traversal vulnerability in Memorysafety Sudo 0.1.0/0.2.0
Sudo-rs, a memory safe implementation of sudo and su, allows users to not have to enter authentication at every sudo attempt, but instead only requiring authentication every once in a while in every terminal or process group.
network
low complexity
memorysafety CWE-23
8.1
2023-09-11 CVE-2023-4897 Relative Path Traversal vulnerability in Mintplexlabs Anythingllm
Relative Path Traversal in GitHub repository mintplex-labs/anything-llm prior to 0.0.1.
network
low complexity
mintplexlabs CWE-23
critical
9.8
2023-04-28 CVE-2023-2356 Relative Path Traversal vulnerability in Lfprojects Mlflow
Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1.
network
low complexity
lfprojects CWE-23
7.5
2022-07-22 CVE-2022-31163 Relative Path Traversal vulnerability in multiple products
TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules.
network
high complexity
tzinfo-project debian CWE-23
8.1
2022-05-11 CVE-2021-34605 Relative Path Traversal vulnerability in Xinje Xd/E Series PLC Program Tool
A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to version v3.5.1 can provide an attacker with arbitrary file write privilege when opening a specially-crafted project file.
network
xinje CWE-23
6.0
2021-10-25 CVE-2021-41178 Relative Path Traversal vulnerability in Nextcloud Server
Nextcloud is an open-source, self-hosted productivity platform.
network
low complexity
nextcloud CWE-23
6.5