Total
8266 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-21891 | 1 Nodejs | 1 Node.js | 2025-03-28 | N/A | 8.8 HIGH |
|
Node.js depends on multiple built-in utility functions to normalize paths provided to node:fs functions, which can be overwitten with user-defined implementations leading to filesystem permission model bypass through path traversal attack.
This vulnerability affects all users using the experimental permission model in Node.js 20 and Node.js 21.
Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.
|
|||||
| CVE-2025-27932 | 2025-03-28 | N/A | 8.1 HIGH | ||
|
Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in the file deletion process of the USB storage file-sharing function of HGW-BL1500HM Ver 002.002.003 and earlier. If this vulnerability is exploited, an attacker may delete a file on the device or cause a denial of service (DoS) condition.
|
|||||
| CVE-2025-27716 | 2025-03-28 | N/A | 6.5 MEDIUM | ||
|
Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in the file/folder listing process of the USB storage file-sharing function of HGW-BL1500HM Ver 002.002.003 and earlier. If this vulnerability is exploited, the product's files may be obtained and/or altered by a crafted HTTP request to specific functions of the product from a device connected to the LAN side.
|
|||||
| CVE-2025-27718 | 2025-03-28 | N/A | 8.8 HIGH | ||
|
Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in the file upload process of the USB storage file-sharing function of HGW-BL1500HM Ver 002.002.003 and earlier. If this vulnerability is exploited, the product's files may be obtained and/or altered or arbitrary code may be executed by a crafted HTTP request to specific functions of the product from a device connected to the LAN side.
|
|||||
| CVE-2024-54291 | 2025-03-28 | N/A | 8.6 HIGH | ||
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NotFound PluginPass allows Manipulating Web Input to File System Calls. This issue affects PluginPass: from n/a through 0.9.10.
|
|||||
| CVE-2025-2294 | 2025-03-28 | N/A | 9.8 CRITICAL | ||
|
The Kubio AI Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.5.1 via thekubio_hybrid_theme_load_template function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded ...
Show More |
|||||
| CVE-2025-27726 | 2025-03-28 | N/A | 2.1 LOW | ||
|
Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in the file download process of the USB storage file-sharing function of HGW-BL1500HM Ver 002.002.003 and earlier. If this vulnerability is exploited, the product's files may be obtained and/or altered by a crafted HTTP request to specific functions of the product from a device connected to the LAN side.
|
|||||
| CVE-2025-23059 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2025-03-28 | N/A | 6.8 MEDIUM |
|
A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager exposes directories containing sensitive information. If exploited successfully, this vulnerability allows an authenticated remote attacker with high privileges to access and retrieve sensitive data, potentially compromising the integrity and security of the entire system.
|
|||||
| CVE-2024-44720 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | 7.5 HIGH |
|
SeaCMS v13.1 was discovered to an arbitrary file read vulnerability via the component admin_safe.php.
|
|||||
| CVE-2025-25800 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | 5.3 MEDIUM |
|
SeaCMS 13.3 was discovered to contain an arbitrary file read vulnerability in the file_get_contents function at admin_safe_file.php.
|
|||||
| CVE-2022-25936 | 1 Servst Project | 1 Servst | 2025-03-27 | N/A | 7.5 HIGH |
|
Versions of the package servst before 2.0.3 are vulnerable to Directory Traversal due to improper sanitization of the filePath variable.
|
|||||
| CVE-2024-50843 | 1 Phpgurukul | 1 User Registration \& Login And User Management System | 2025-03-27 | N/A | 5.3 MEDIUM |
|
A Directory listing issue was found in PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers attacker to access sensitive files and directories via /loginsystem/assets.
|
|||||
| CVE-2022-45783 | 1 Dotcms | 1 Dotcms | 2025-03-27 | N/A | 6.5 MEDIUM |
|
An issue was discovered in dotCMS core 4.x through 22.10.2. An authenticated directory traversal vulnerability in the dotCMS API can lead to Remote Code Execution.
|
|||||
| CVE-2025-1310 | 2025-03-27 | N/A | 6.5 MEDIUM | ||
|
The Jobs for WordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.7.11 via the 'job_postings_get_file' parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
|
|||||
| CVE-2025-27147 | 2025-03-27 | N/A | 8.2 HIGH | ||
|
The GLPI Inventory Plugin handles various types of tasks for GLPI agents, including network discovery and inventory (SNMP), software deployment, VMWare ESX host remote inventory, and data collection (files, Windows registry, WMI). Versions prior to 1.5.0 have an improper access control vulnerability. Version 1.5.0 fixes the vulnerability.
|
|||||
| CVE-2025-2716 | 2025-03-27 | 3.3 LOW | 2.7 LOW | ||
|
A vulnerability classified as problematic was found in China Mobile P22g-CIac 1.0.00.488. This vulnerability affects unknown code of the component Samba Path Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2025-30567 | 2025-03-27 | N/A | 7.5 HIGH | ||
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in wp01ru WP01 allows Path Traversal. This issue affects WP01: from n/a through 2.6.2.
|
|||||
| CVE-2025-30895 | 2025-03-27 | N/A | 7.5 HIGH | ||
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in magepeopleteam WpEvently allows PHP Local File Inclusion. This issue affects WpEvently: from n/a through 4.2.9.
|
|||||
| CVE-2024-13920 | 1 Webtoffee | 1 Order Export \& Order Import For Woocommerce | 2025-03-27 | N/A | 4.9 MEDIUM |
|
The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.6.0 via the download_file() function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary log files on the server, which can contain sensitive information.
|
|||||
| CVE-2023-49508 | 1 Yetiforce | 1 Yetiforce Customer Relationship Management | 2025-03-27 | N/A | 6.5 MEDIUM |
|
Directory Traversal vulnerability in YetiForceCompany YetiForceCRM versions 6.4.0 and before allows a remote authenticated attacker to obtain sensitive information via the license parameter in the LibraryLicense.php component.
|
|||||
| CVE-2023-23136 | 1 Lmxcms | 1 Lmxcms | 2025-03-27 | N/A | 6.5 MEDIUM |
|
lmxcms v1.41 was discovered to contain an arbitrary file deletion vulnerability via BackdbAction.class.php.
|
|||||
| CVE-2023-0454 | 1 Orangescrum | 1 Orangescrum | 2025-03-27 | N/A | 8.1 HIGH |
|
OrangeScrum version 2.0.11 allows an authenticated external attacker to delete arbitrary local files from the server. This is possible because the application uses an unsanitized attacker-controlled parameter to construct an internal path.
|
|||||
| CVE-2022-47768 | 1 Serinf | 1 Fast Checkin | 2025-03-27 | N/A | 7.5 HIGH |
|
Serenissima Informatica Fast Checkin 1.0 is vulnerable to Directory Traversal.
|
|||||
| CVE-2025-30343 | 1 Openslides | 1 Openslides | 2025-03-27 | N/A | 3.0 LOW |
|
A directory traversal issue was discovered in OpenSlides before 4.2.5. Files can be uploaded to OpenSlides meetings and organized in folders. The interface allows users to download a ZIP archive that contains all files in a folder and its subfolders. If an attacker specifies the title of a file or folder as a relative or absolute path (e.g., ../../../etc/passwd), the ZIP archive generated for download converts that title into a path. Depending on the extraction tool used by the user, this might ...
Show More |
|||||
| CVE-2024-0763 | 1 Mintplexlabs | 1 Anythingllm | 2025-03-27 | N/A | 8.1 HIGH |
|
Any user can delete an arbitrary folder (recursively) on a remote server due to bad input sanitization leading to path traversal. The attacker would need access to the server at some privilege level since this endpoint is protected and requires authorization.
|
|||||
| CVE-2022-47762 | 1 Gin-vue-admin Project | 1 Gin-vue-admin | 2025-03-26 | N/A | 7.5 HIGH |
|
In gin-vue-admin < 2.5.5, the download module has a Path Traversal vulnerability.
|
|||||
| CVE-2022-3560 | 3 Fedoraproject, Pesign Project, Redhat | 3 Fedora, Pesign, Enterprise Linux | 2025-03-26 | N/A | 5.5 MEDIUM |
|
A flaw was found in pesign. The pesign package provides a systemd service used to start the pesign daemon. This service unit runs a script to set ACLs for /etc/pki/pesign and /run/pesign directories to grant access privileges to users in the 'pesign' group. However, the script doesn't check for symbolic links. This could allow an attacker to gain access to privileged files and directories via a path traversal attack.
|
|||||
| CVE-2021-37317 | 1 Asus | 2 Rt-ac68u, Rt-ac68u Firmware | 2025-03-26 | N/A | 9.1 CRITICAL |
|
Directory Traversal vulnerability in Cloud Disk in ASUS RT-AC68U router firmware version before 3.0.0.4.386.41634 allows remote attackers to write arbitrary files via improper sanitation on the target for COPY and MOVE operations.
|
|||||
| CVE-2021-36425 | 1 Phpwcms | 1 Phpwcms | 2025-03-26 | N/A | 5.4 MEDIUM |
|
Directory traversal vulnerability in phpcms 1.9.25 allows remote attackers to delete arbitrary files via unfiltered $file parameter to unlink method in include/inc_act/act_ftptakeover.php file.
|
|||||
| CVE-2023-24804 | 1 Owncloud | 1 Owncloud Client | 2025-03-26 | N/A | 5.0 MEDIUM |
|
The ownCloud Android app allows ownCloud users to access, share, and edit files and folders. Prior to version 3.0, the app has an incomplete fix for a path traversal issue and is vulnerable to two bypass methods. The bypasses may lead to information disclosure when uploading the app’s internal files, and to arbitrary file write when uploading plain text files (although limited by the .txt extension). Version 3.0 fixes the reported bypasses.
|
|||||
| CVE-2024-7776 | 1 Onnx | 1 Onnx | 2025-03-26 | N/A | 9.1 CRITICAL |
|
A vulnerability in the `download_model` function of the onnx/onnx framework, before and including version 1.16.1, allows for arbitrary file overwrite due to inadequate prevention of path traversal attacks in malicious tar files. This vulnerability can be exploited by an attacker to overwrite files in the user's directory, potentially leading to remote command execution.
|
|||||
| CVE-2024-40629 | 1 Fit2cloud | 1 Jumpserver | 2025-03-25 | N/A | 10.0 CRITICAL |
|
JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the Ansible playbook to write arbitrary files, leading to remote code execution (RCE) in the Celery container. The Celery container runs as root and has database access, allowing an attacker to steal all secrets for hosts, create a new JumpServer account with ...
Show More |
|||||
| CVE-2024-40628 | 1 Fit2cloud | 1 Jumpserver | 2025-03-25 | N/A | 10.0 CRITICAL |
|
JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the ansible playbook to read arbitrary files in the celery container, leading to sensitive information disclosure. The Celery container runs as root and has database access, allowing the attacker to steal all secrets for hosts, create a new JumpServer account ...
Show More |
|||||
| CVE-2024-42680 | 1 Cysoft168 | 1 Super Easy Enterprise Management System | 2025-03-25 | N/A | 5.5 MEDIUM |
|
An issue in Super easy enterprise management system v.1.0.0 and before allows a local attacker to obtain the server absolute path by entering a single quotation mark.
|
|||||
| CVE-2024-37403 | 1 Ivanti | 1 Docs\@work | 2025-03-25 | N/A | 5.5 MEDIUM |
|
Ivanti Docs@Work for Android, before 2.26.0 is affected by the 'Dirty Stream' vulnerability. The application fails to properly sanitize file names, resulting in a path traversal-affiliated vulnerability. This potentially enables other malicious apps on the device to read sensitive information stored in the app root.
|
|||||
| CVE-2025-26935 | 1 Wpjobportal | 1 Wp Job Portal | 2025-03-25 | N/A | 7.5 HIGH |
|
Path Traversal vulnerability in wpjobportal WP Job Portal allows PHP Local File Inclusion. This issue affects WP Job Portal: from n/a through 2.2.8.
|
|||||
| CVE-2023-35812 | 2025-03-25 | N/A | 5.3 MEDIUM | ||
|
An issue was discovered in the Amazon Linux packages of OpenSSH 7.4 for Amazon Linux 1 and 2, because of an incomplete fix for CVE-2019-6111 within these specific packages. The fix had only covered cases where an absolute path is passed to scp. When a relative path is used, there is no verification that the name of a file received by the client matches the file requested. Fixed packages are available with numbers 7.4p1-22.78.amzn1 and 7.4p1-22.amzn2.0.2.
|
|||||
| CVE-2023-26321 | 1 Mi | 1 File Manager | 2025-03-25 | N/A | 6.3 MEDIUM |
|
A path traversal vulnerability exists in the Xiaomi File Manager application product(international version). The vulnerability is caused by unfiltered special characters and can be exploited by attackers to overwrite and execute code in the file.
|
|||||
| CVE-2023-40160 | 2025-03-24 | N/A | 3.7 LOW | ||
|
Directory traversal vulnerability exists in Mailing List Search CGI (pmmls.exe) included in A.K.I Software's PMailServer/PMailServer2 products. If this vulnerability is exploited, a remote attacker may obtain arbitrary files on the server.
|
|||||
| CVE-2023-24689 | 1 Mojoportal | 1 Mojoportal | 2025-03-24 | N/A | 4.3 MEDIUM |
|
An issue in Mojoportal v2.7.0.0 and below allows an authenticated attacker to list all css files inside the root path of the webserver via manipulation of the "s" parameter in /DesignTools/ManageSkin.aspx
|
|||||