4 matches found
Anyquery has Path Traversal through `clear_plugin_cache`, Allowing Arbitrary Directory Deletion
Path Traversal in clearplugincache Allows Arbitrary Directory Deletion | Field | Value | | ---------------- | ----- | | Repository | julien040/anyquery | | Affected version | 0.4.4 | | Vulnerability | CWE-22 — Improper Limitation of a Pathname to a Restricted Directory | | Severity | High | Summa...
PT-2026-48538
Name of the Vulnerable Software and Affected Versions anyquery versions prior to 0.4.5 Description A path traversal issue exists in the SQL scalar function clear plugin cache within the namespace/other functions.go file. The function accepts a plugin argument and passes it to path.Join and...
EUVD-2025-208455
An issue pertaining to CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4...
pgAdmin 4 vulnerable to directory traversal
Overview PostgreSQL management tool pgAdmin 4 contains a directory traversal vulnerability CWE-22. Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A user ...