Show CWE-22: Improper Limitation of a Pathname to a Restricted Directory...

	Topic	Date	Author
Med.	Korenix JetPort 5601 1.2 Path Traversal	25.11.2024	Hierzer
Med.	Lawo AG vsm LTC Time Sync Path Traversal	28.10.2024	Sandro Einfeldt
Med.	C-MOR Video Surveillance 5.2401 Path Traversal	10.09.2024	Matthias Deeg
Med.	TVT NVMS-1000 Directory Traversal	03.09.2024	Dhiraj Mishra
Med.	Cisco ASA Directory Traversal	01.09.2024	Shelby Pace
Med.	A10 Networks AX Loadbalancer Directory Traversal	01.09.2024	xistence
High	Open WebUI 0.1.105 File Upload / Path Traversal	12.08.2024	Jaggar Henry
Med.	Devika v1 Path Traversal via snapshot_path	04.08.2024	Alperen Ergel
Med.	Apache OFBiz Forgot Password Directory Traversal	24.06.2024	jheysel-r7
Med.	Craft CMS Logs Plugin 3.0.3 Path Traversal (Authenticated)	02.06.2024	Steffen Rogge
Med.	Apache OFBiz 18.12.12 Directory Traversal	20.05.2024	Abdualhadi Khalifa
Med.	CrushFTP Directory Traversal	16.05.2024	Abdualhadi Khalifa
High	OpenClinic GA 5.247.01 Path Traversal (Authenticated)	15.04.2024	V. B.
Med.	BioTime Directory Traversal / Remote Code Execution	01.04.2024	w3bd3vil
Med.	TYPO3 11.5.24 Path Traversal (Authenticated)	20.03.2024	Saeed reza Zamanian
Med.	Automatic-Systems SOC FL9600 FastLine Directory Traversal	27.02.2024	Marcin Kozlowski
Med.	TYPO3 11.5.24 Path Traversal	20.12.2023	Saeed reza Zamanian
Med.	WordPress AI ChatBot 4.8.9 SQL Injection / Traversal / File Deletion	27.10.2023	Marco Wotschka
Med.	Automatic-Systems SOC FL9600 FastLine - Directory Transversal	17.10.2023	Cqure
Med.	Minio 2022-07-29T19-40-48Z Path Traversal	10.10.2023	Jenson Zhao
Med.	TECHView LA5570 Wireless Gateway 1.0.19_T53 Traversal / Privilege Escalation	09.09.2023	The Security Team
Med.	TP-Link TL-WR740N Directory Traversal	21.07.2023	Anish Feroz
Med.	Thruk Monitoring Web Interface 3.06 Path Traversal	10.06.2023	Galoget Latorre
Med.	CloudPanel 2.2.2 Privilege Escalation / Path Traversal	07.06.2023	EagleEye
High	Mitel MiCollab AWV 8.1.2.4 / 9.1.3 Directory Traversal / LFI	06.04.2023	Kahvi-0
High	Device Manager Express 7.8.20002.47752 SQL Injection / XSS / Code Execution / Traversal	24.02.2023	Eric Flokstra
Med.	py7zr 0.20.0 Directory Traversal	07.12.2022	Matteo Cosentino
Med.	Drupal H5P Module 2.0.0 Zip Slip Traversal	05.12.2022	EgiX
Med.	Payara Platform Path Traversal	15.11.2022	Michael Baer
Med.	Carel pCOWeb HVAC BACnet Gateway 2.1.0 Directory Traversal	12.11.2022	LiquidWorm
Med.	AVEVA InTouch Access Anywhere Secure Gateway 2020 R2 Path Traversal	12.11.2022	Jens Regel
Med.	Webile 1.0.1 Directory Traversal	17.10.2022	Vulnerability Laborato...
High	Owlfiles File Manager 12.0.1 Path Traversal / Local File Inclusion	20.09.2022	Chokri Hammedi
Med.	FTPManager 8.2 Local File Inclusion / Directory Traversal	07.09.2022	Chokri Hammedi
Med.	Zimbra Zip Path Traversal	24.08.2022	Ron Bowes
Med.	CuteEditor For PHP 6.6 Directory Traversal	08.08.2022	Stefan Hesselman
High	Zimbra UnRAR Path Traversal	08.08.2022	Ron Bowes
Med.	Omnia MPX 1.5.0+r1 Path Traversal	02.08.2022	Momen Eldawakhly
Med.	uftpd 2.10 Directory Traversal	02.08.2022	Aaron Esau
Med.	Carel pCOWeb HVAC BACnet Gateway 2.1.0 Unauthenticated Directory Traversal	04.07.2022	LiquidWorm
Med.	SAP FRUN Simple Diagnostics Agent 1.0 Directory Traversal	22.06.2022	Yvan Genuer
Med.	SolarView Compact 6.00 Directory Traversal	04.06.2022	Ahmed Alroky
Low	WordPress User Meta Lite / Pro 2.4.3 Path Traversal	31.05.2022	Julien Ahrens
Med.	Bookeen Notea Directory Traversal	29.05.2022	Clement MAILLIOUX
Med.	Barco Control Room Management Suite Directory Traversal	04.04.2022	Murat Aydemir
Med.	IdeaRE RefTree Path Traversal	31.03.2022	Savino Sisco
Med.	Joomla! 4.1.0 Zip Slip File Overwrite / Path Traversal	30.03.2022	EgiX
Med.	Xerte 3.10.3 Directory Traversal	02.03.2022	Rik Lutz
Med.	Kyocera Command Center RX ECOSYS M2035dn Directory Traversal File Disclosure (Unauthenticated)	14.02.2022	Luis Martinez
Med.	Kyocera Command Center RX ECOSYS M2035dn Directory Traversal	12.02.2022	Luis Martinez
Med.	Ethercreative Logs 3.0.3 Path Traversal	26.01.2022	Steffen Rogge
Med.	CoreFTP Server Build 725 Directory Traversal	10.01.2022	LiamInfosec
Med.	Grafana 8.3.0 Directory Traversal / Arbitrary File Read	09.12.2021	s1gh
High	Aviatrix Controller 6.x Path Traversal / Code Execution	11.10.2021	0xJoyGhosh
Med.	Apache HTTP Server 2.4.49 Path Traversal	06.10.2021	Lucas Souza
Med.	ECOA Building Automation System Directory Traversal	13.09.2021	Neurogenesia
Med.	Umbraco CMS 8.9.1 Path traversal and Arbitrary File Write (Authenticated)	13.09.2021	BitTheByte
Med.	Artica Proxy VMWare Appliance 4.30.000000 SP273 Path Traversal	06.09.2021	Heiko Feldhusen
Med.	OpenSIS 8.0 modname Directory/Path Traversal	05.09.2021	Eric Salario
Med.	OpenSIS 8.0 Directory Traversal	04.09.2021	Eric Salario
High	KevinLAB BEMS 1.0 Authenticated File Path Traversal / Information Disclosure	21.07.2021	LiquidWorm
Med.	WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 Directory Traversal	07.07.2021	TheSmuggler
Med.	Pallets Werkzeug 0.15.4 Path Traversal	07.07.2021	faisalfs10x
Med.	OpenEMR 5.0.1.7 fileName Path Traversal (Authenticated)	29.06.2021	Ron Jost
Med.	Trixbox 2.8.0.4 Path Traversal	30.05.2021	Ron Jost
High	Schlix CMS 2.2.6-6 Shell Upload / Directory Traversal	25.05.2021	Emir Polat
Med.	Mini Mouse 9.2.0 Path Traversal	05.04.2021	gosh
Med.	WordPress Delightful Downloads Jquery File Tree 1.6.6 Path Traversal	22.03.2021	Nicholas Ferreira
Med.	Fluig 1.7.0 Path Traversal	05.03.2021	Lucas Souza
Med.	Yeastar TG400 GSM Gateway 91.3.0.3 Path Traversal	27.02.2021	SQSamir
Med.	orart Remote File Inculsion Vulnerability [ RFI ]	22.02.2021	h4shur
Med.	SolarWinds Serv-U FTP Server 15.2.1 Path Traversal	13.02.2021	Jack Misiura
Med.	Home Assistant Community Store 1.10.0 Path Traversal	29.01.2021	Lyghtnox
High	Selea Targa IP OCR-ANPR Camera Directory Traversal	22.01.2021	LiquidWorm
Med.	Apache Flink 1.11.0 Arbitrary File Read / Directory Traversal	08.01.2021	SunCSR
Med.	Responsive FileManager 9.13.4 Path Traversal	05.01.2021	SunCSR
Med.	WordPress Duplicator 1.3.26 Directory Traversal / File Read	03.01.2021	Hoa Nguyen
Med.	Rocket.Chat Path Traversal	23.12.2020	Moe Szyslak
Med.	Cisco ASA 9.14.1.10 / FTD 6.6.0.1 Path Traversal	15.12.2020	Freakyclown
Low	Advanced Component System (ACS) 1.0 Path Traversal	13.12.2020	Francisco Javier Santi...
Low	Huawei HedEx Lite (DM) Path Traversal	04.12.2020	S.AbenMassaoud
High	Sony BRAVIA Digital Signage 1.7.8 Unauthenticated Remote File Inclusion	04.12.2020	LiquidWorm
High	TestBox CFML Test Framework 4.1.0 Directory Traversal	21.11.2020	Darren King
Med.	PMB 5.6 Local File Disclosure / Directory Traversal	16.11.2020	41-trk
Med.	SIGE (Joomla) 3.4.1 & 3.5.3 Pro - Multiple Vulnerabilities	13.11.2020	h4shur
Med.	ReQuest Serious Play Media Player 3.0 Directory Traversal File Disclosure	05.11.2020	LiquidWorm
High	HiSilicon Video Encoder 1.97 File Disclosure / Path Traversal	19.10.2020	Alexei Kojenov
Med.	ReQuest Serious Play Media Player 3.0 File Disclosure / Path Traversal	19.10.2020	LiquidWorm
Med.	Cisco ASA and FTD 9.6.4.42 Path Traversal	14.10.2020	3ndG4me
High	Garfield Petshop 2020-10-01 Cross Site Request Forgery	09.10.2020	Ramdan Yantu
Med.	Karel IP Phone IP1211 Web Management Panel Directory Traversal	07.10.2020	Berat Gokberk ISLER
Med.	Ruijie Networks Switch eWeb S29_RGOS 11.4 Directory Traversal	20.08.2020	Tuygun
Med.	October CMS <= Build 465 Multiple Vulnerabilities	03.08.2020	Sivanesh Ashok
Med.	Files 4 Client Pro - Easy File Transfer v1.2.2 - Path Traversal	30.07.2020	Vlad Vector
Med.	Bludit 3.9.2 Directory Traversal	30.07.2020	James Green
Med.	Zyxel Armor X1 WAP6806 Directory Traversal	15.07.2020	Rajivarnan R
High	ATutor 2.2.4 Directory Traversal / Remote Code Execution	01.07.2020	liquidsky
Med.	Zyxel Armor X1 Model:WAP6806 - Directory Traversal	30.06.2020	Rajivarnan R
Med.	Cisco AnyConnect Path Traversal / Privilege Escalation	25.06.2020	Yorick Koster
Med.	OpenCTI 3.3.1 Cross Site Scripting / Directory Traversal	18.06.2020	Raif Berkay Dincel

CVEMAP Search Results

CVE

Details

Description

2024-10-22

CVE-2024-41717

Updating...

Kieback & Peter's DDC4000 series is vulnerable to a path traversal vulnerability, which may allow an unauthenticated attacker to read files on the system.

2024-10-21

CVE-2024-49366

Updating...

Nginx UI is a web user interface for the Nginx web server. Nginx UI v2.0.0-beta.35 and earlier gets the value from the json field without verification, and can construct a value value in the form of `../../`. Arbitrary files can be written to the server, which may result in loss of permissions. Version 2.0.0-beta.26 fixes the issue.

2024-10-20

CVE-2024-49286

Updating...

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Moridrin SSV Events allows PHP Local File Inclusion.This issue affects SSV Events: from n/a through 3.2.7.

2024-10-17

	CVE-2024-10100	Updating...	A path traversal vulnerability exists in binary-husky/gpt_academic version 3.83. The vulnerability is due to improper handling of the file parameter, which is open to path traversal through URL encoding. This allows attackers to view any file on the host system, including sensitive files such as critical application files, SSH keys, API keys, and configuration values.
	CVE-2024-49287	Updating...	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Marco Heine PDF-Rechnungsverwaltung allows PHP Local File Inclusion.This issue affects PDF-Rechnungsverwaltung: from n/a through 0.0.1.

2024-10-16

CVE-2024-45711	Updating...	SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code execution is possible depending on privileges given to the authenticated user. This issue requires a user to be authenticated and this is present when software environment variables are abused. Authentication is required for this vulnerability
CVE-2019-25213	Updating...	The Advanced Access Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Read in versions up to, and including, 5.9.8.1 due to insufficient validation on the aam-media parameter. This allows unauthenticated attackers to read any file on the server, including sensitive files such as wp-config.php
CVE-2024-49245	Updating...	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ahime Ahime Image Printer.This issue affects Ahime Image Printer: from n/a through 1.0.0.
CVE-2024-47645	Updating...	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Sajid Javed Top Bar �?? PopUps �?? by WPOptin allows PHP Local File Inclusion.This issue affects Top Bar �?? PopUps �?? by WPOptin: from n/a through 2.0.1.
CVE-2024-47351	Updating...	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The CSSIgniter Team MaxSlider allows Path Traversal.This issue affects MaxSlider: from n/a through 1.2.3.

25.11.2024

28.10.2024

10.09.2024

03.09.2024

01.09.2024

01.09.2024

12.08.2024

04.08.2024

24.06.2024

02.06.2024

20.05.2024

16.05.2024

15.04.2024

01.04.2024

20.03.2024

27.02.2024

20.12.2023

27.10.2023

17.10.2023

10.10.2023

09.09.2023

21.07.2023

10.06.2023

07.06.2023

06.04.2023

24.02.2023

07.12.2022

05.12.2022

15.11.2022

12.11.2022

12.11.2022

17.10.2022

20.09.2022

07.09.2022

24.08.2022

08.08.2022

08.08.2022

02.08.2022

02.08.2022

04.07.2022

22.06.2022

04.06.2022

31.05.2022

29.05.2022

04.04.2022

31.03.2022

30.03.2022

02.03.2022

14.02.2022

12.02.2022

26.01.2022

10.01.2022

09.12.2021

11.10.2021

06.10.2021

13.09.2021

13.09.2021

06.09.2021

05.09.2021

04.09.2021

21.07.2021

07.07.2021

07.07.2021

29.06.2021

30.05.2021

25.05.2021

05.04.2021

22.03.2021

05.03.2021

27.02.2021

22.02.2021

13.02.2021

29.01.2021

22.01.2021

08.01.2021