Description qdPM 9.2 allows Directory Traversal to list files and directories by navigating to the /uploads URI. Remediation References CVE-2023-45855 Related Vulnerabilities Oracle Database Server CVE-2009-1965 Vulnerability (CVE-2009-1965) WordPress Plugin Booking Ultra Pro Appointments Booking Calendar Local File Inclusion (1.1.13) WordPress Plugin Statistics Remote Code Execution (1.8) WordPress Plugin Couponer 'print-coupon.php' SQL Injection (1.2) WordPress Plugin Paid Memberships Pro-Content Restriction, User Registration, & Paid Subscriptions SQL Injection (2.9.11) Severity High Classification CVE-2023-45855 CWE-22 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Tags Missing Update Known Vulnerabilities