CWE-31
11 CVEs classified under CWE-31. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-2044 | Critical | 9.9 | 2024-03-07 | pgAdmin <= 8.3 is affected by a path-traversal vulnerability while deserializing users’ sessions in the session handling code. If the server is running on Wind… |
CVE-2024-41376 | High | 8.8 | 2024-08-05 | dzzoffice 2.02.1 is vulnerable to Directory Traversal via user/space/about.php. |
CVE-2024-24998 | High | 8.8 | 2024-04-19 | A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM… |
CVE-2024-28088 | High | 8.1 | 2024-03-04 | LangChain through 0.1.10 allows ../ directory traversal by an actor who is able to control the final part of the path parameter in a load_chain call. This bypa… |
CVE-2024-36857 | High | 7.5 | 2024-06-04 | Jan v0.4.12 was discovered to contain an arbitrary file read vulnerability via the /v1/app/readFileSync interface. |
CVE-2024-35431 | High | 7.5 | 2024-05-30 | ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via photoBase64. An unauthenticated user can download local files from the server. NOTE: Thi… |
CVE-2019-6268 | High | 7.5 | 2024-03-08 | RAD SecFlow-2 devices with Hardware 0202, Firmware 4.1.01.63, and U-Boot 2010.12 allow URIs beginning with /.. for Directory Traversal, as demonstrated by read… |
CVE-2024-25840 | High | 7.5 | 2024-02-27 | In the module "Account Manager | Sales Representative & Dealers | CRM" (prestasalesmanager) up to 9.0 from Presta World for PrestaShop, a guest can download pe… |
CVE-2024-35429 | Medium | 6.5 | 2024-05-30 | ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via eventRecord. |
CVE-2023-35860 | Medium | 5.3 | 2024-06-13 | A Directory Traversal vulnerability in Modern Campus - Omni CMS 2023.1 allows a remote, unauthenticated attacker to enumerate file system information via the d… |
CVE-2024-22723 | Medium | 4.9 | 2024-02-28 | Webtrees 2.1.18 is vulnerable to Directory Traversal. By manipulating the "media_folder" parameter in the URL, an attacker (in this case, an administrator) can… |