Total
83 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-22205 | 2025-02-06 | 7.5 High | ||
| Improper handling of input variables lead to multiple path traversal vulnerabilities in the Admiror Gallery extension for Joomla in version branch 4.x. | ||||
| CVE-2025-0858 | 2025-02-05 | N/A | ||
| A vulnerability was discovered in the firmware builds up to 8.2.1.0820 in Poly Edge E devices. The firmware flaw does not properly prevent path traversal and could lead to information disclosure. | ||||
| CVE-2022-48476 | 1 Jetbrains | 1 Ktor | 2025-02-04 | 7.5 High |
| In JetBrains Ktor before 2.3.0 path traversal in the `resolveResource` method was possible | ||||
| CVE-2024-41973 | 2025-02-03 | 8.1 High | ||
| A low privileged remote attacker can specify an arbitrary file on the filesystem which may lead to an arbitrary file writes with root privileges. | ||||
| CVE-2024-41972 | 2025-02-03 | 6.5 Medium | ||
| A low privileged remote attacker can overwrite an arbitrary file on the filesystem which may lead to an arbitrary file read with root privileges. | ||||
| CVE-2025-24685 | 2025-01-27 | 8.1 High | ||
| Path Traversal vulnerability in MORKVA Morkva UA Shipping allows PHP Local File Inclusion. This issue affects Morkva UA Shipping: from n/a through 1.0.18. | ||||
| CVE-2025-22786 | 2025-01-15 | 7.5 High | ||
| Path Traversal vulnerability in ElementInvader ElementInvader Addons for Elementor allows PHP Local File Inclusion.This issue affects ElementInvader Addons for Elementor: from n/a through 1.2.6. | ||||
| CVE-2024-49249 | 2025-01-07 | 8.6 High | ||
| Path Traversal vulnerability in SMSA Express SMSA Shipping allows Path Traversal.This issue affects SMSA Shipping: from n/a through 2.3. | ||||
| CVE-2024-56214 | 2025-01-02 | 8.3 High | ||
| Path Traversal: '.../...//' vulnerability in DeluxeThemes Userpro allows Path Traversal.This issue affects Userpro: from n/a through 5.1.9. | ||||
| CVE-2024-56213 | 2025-01-02 | 6.5 Medium | ||
| Path Traversal: '.../...//' vulnerability in Themewinter Eventin allows Path Traversal.This issue affects Eventin: from n/a through 4.0.7. | ||||
| CVE-2024-56045 | 2024-12-31 | 9.3 Critical | ||
| Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue affects WPLMS: from n/a before 1.9.9.5. | ||||
| CVE-2023-7263 | 2024-12-28 | 7.3 High | ||
| Some Huawei home music system products have a path traversal vulnerability. Successful exploitation of this vulnerability may cause unauthorized file deletion or file permission change.(Vulnerability ID:HWPSIRT-2023-53450) This vulnerability has been assigned a (CVE)ID:CVE-2023-7263 | ||||
| CVE-2024-0113 | 1 Nvidia | 12 Mellanox Os Firmware, Metrox-2 Firmware, Metrox-3 Xc Firmware and 9 more | 2024-12-26 | 7.5 High |
| NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support, where an attacker can cause a CGI path traversal by a specially crafted URI. A successful exploit of this vulnerability might lead to escalation of privileges and information disclosure. | ||||
| CVE-2023-7300 | 2024-12-26 | 8 High | ||
| Huawei Home Music System has a path traversal vulnerability. Successful exploitation of this vulnerability may cause the music host file to be deleted or the file permission to be changed.(Vulnerability ID:HWPSIRT-2023-60613) | ||||
| CVE-2024-54216 | 2024-12-20 | 7.7 High | ||
| Path Traversal: '.../...//' vulnerability in Repute InfoSystems ARForms allows Path Traversal.This issue affects ARForms: from n/a through 6.4.1. | ||||
| CVE-2024-56049 | 2024-12-18 | 8.5 High | ||
| Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue affects WPLMS: from n/a before 1.9.9.5.2. | ||||
| CVE-2024-56055 | 2024-12-18 | 8.5 High | ||
| Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue affects WPLMS: from n/a before 1.9.9.5.2. | ||||
| CVE-2024-54313 | 2024-12-13 | 6.5 Medium | ||
| Path Traversal vulnerability in FULL. FULL Customer allows Path Traversal.This issue affects FULL Customer: from n/a through 3.1.25. | ||||
| CVE-2024-21575 | 2024-12-12 | 8.6 High | ||
| ComfyUI-Impact-Pack is vulnerable to Path Traversal. The issue stems from missing validation of the `image.filename` field in a POST request sent to the `/upload/temp` endpoint added by the extension to the server. This results in writing arbitrary files to the file system which may, under some conditions, result in remote code execution (RCE). | ||||
| CVE-2024-52447 | 2024-12-02 | 8.6 High | ||
| Path Traversal: '.../...//' vulnerability in Corporate Zen Contact Page With Google Map allows Path Traversal.This issue affects Contact Page With Google Map: from n/a through 1.6.1. | ||||