Total: 8266 CVEs
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2025-24765 | | | 2025-06-30 | N/A | 7.7 HIGH | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RobMarsh Image Shadow allows Path Traversal. This issue affects Image Shadow: from n/a through 1.1.0. |
| CVE-2025-6731 | | | 2025-06-30 | 6.5 MEDIUM | 6.3 MEDIUM | A vulnerability was found in yzcheng90 X-SpringBoot up to 5.0 and classified as critical. Affected by this issue is the function uploadApk of the file /sys/oss/upload/apk of the component APK File Handler. The manipulation of the argument File leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. |
| CVE-2025-49448 | | | 2025-06-30 | N/A | 8.6 HIGH | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Fastw3b LLC FW Food Menu allows Path Traversal. This issue affects FW Food Menu: from n/a through 6.0.0. |
| CVE-2025-53298 | | | 2025-06-30 | N/A | 4.9 MEDIUM | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in gioni Plugin Inspector allows Path Traversal. This issue affects Plugin Inspector: from n/a through 1.5. |
| CVE-2025-6774 | | | 2025-06-30 | 6.5 MEDIUM | 6.3 MEDIUM | A vulnerability was found in gooaclok819 sublinkX up to 1.8. It has been rated as critical. Affected by this issue is the function AddTemp of the file api/template.go. The manipulation of the argument filename leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.9 is able to address this issue. The patch is identified as 778d26aef723daa58df98c8060c43f5bf5d1b10b. It is recommended to upgrade the affected ... |
| CVE-2025-6773 | | | 2025-06-30 | 4.3 MEDIUM | 5.3 MEDIUM | A vulnerability was found in HKUDS LightRAG up to 1.3.8. It has been declared as critical. Affected by this vulnerability is the function upload_to_input_dir of the file lightrag/api/routers/document_routes.py of the component File Upload. The manipulation of the argument file.filename leads to path traversal. It is possible to launch the attack on the local host. The identifier of the patch is 60777d535b719631680bcf5d0969bdef79ca4eaf. It is recommended to apply a patch to fix this issue. |
| CVE-2024-1132 | 1 Redhat | 10 Build Of Keycloak, Jboss Middleware Text-only Advisories, Keycloak and 7 more | 2025-06-30 | N/A | 8.1 HIGH | A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. This issue could allow an attacker to construct a malicious request to bypass validation and access other URLs and sensitive information within the domain or conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field, and requires user interaction within the malicious URL. |
| CVE-2019-19790 | 2 Progress, Telerik | 2 Telerik Ui For Asp.net Ajax, Radchart | 2025-06-30 | 7.5 HIGH | 9.8 CRITICAL | Path traversal in RadChart in Telerik UI for ASP.NET AJAX allows a remote attacker to read and delete an image with extension .BMP, .EXIF, .GIF, .ICON, .JPEG, .PNG, .TIFF, or .WMF on the server through a specially crafted request. NOTE: RadChart was discontinued in 2014 in favor of RadHtmlChart. All RadChart versions were affected. To avoid this vulnerability, you must remove RadChart's HTTP handler from a web.config (its type is Telerik.Web.UI.ChartHttpHandler). |
| CVE-2014-2217 | 1 Progress | 1 Telerik Ui For Asp.net Ajax | 2025-06-30 | 7.5 HIGH | N/A | Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value. |
| CVE-2024-50626 | 1 Digi | 7 Connectport Lts 16, Connectport Lts 16 Mei, Connectport Lts 16 Mei 2ac and 4 more | 2025-06-27 | N/A | 8.8 HIGH | An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Directory Traversal vulnerability exists in WebFS. This allows an attacker on the local area network to manipulate URLs to include traversal sequences, potentially leading to unauthorized access to data. |
| CVE-2025-52562 | | | 2025-06-26 | N/A | 10.0 CRITICAL | Convoy is a KVM server management panel for hosting businesses. In versions 3.9.0-rc3 to before 4.4.1, there is a directory traversal vulnerability in the LocaleController component of Performave Convoy. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted HTTP request with malicious locale and namespace parameters. This allows the attacker to include and execute arbitrary PHP files on the server. This issue has been patched in version 4.4.1. A tempora ... |
| CVE-2025-23092 | | | 2025-06-26 | N/A | 7.2 HIGH | Mitel OpenScape Accounting Management through V5 R1.1.0 could allow an authenticated attacker with administrative privileges to conduct a path traversal attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to upload arbitrary files and execute unauthorized commands. |
| CVE-2025-52574 | | | 2025-06-26 | N/A | 7.5 HIGH | SysmonElixir is a system monitor HTTP service in Elixir. Prior to version 1.0.1, the /read endpoint reads any file from the server's /etc/passwd by default. In v1.0.1, a whitelist was added that limits reading to only files under priv/data. This issue has been patched in version 1.0.1. |
| CVE-2025-52569 | | | 2025-06-26 | N/A | N/A | GitForge.jl is a unified interface for interacting with Git "forges." Versions prior to 5.9.1 lack input validation for user-provided values in certain functions. In the `GitHub.repo()` function, the user can provide any string for the `repo_name` field. These inputs are not validated or safely encoded and are sent directly to the server. This means a user can add path traversal patterns like `../` in the input to access any other endpoints on `api.github.com` that were not i ... |
| CVE-2025-50178 | | | 2025-06-26 | N/A | N/A | GitForge.jl is a unified interface for interacting with Git "forges." Versions prior to 0.4.3 lack input validation for user-provided values in certain functions. In the `GitForge.get_repo` function for GitHub, the user can provide any string for the owner and repo fields. These inputs are not validated or safely encoded and are sent directly to the server. This means a user can add path traversal patterns like `../` in the input to access any other endpoints on api.github.com that were not inte ... |
| CVE-2025-45890 | 1 Xxyopen | 1 Novel-plus | 2025-06-26 | N/A | 9.8 CRITICAL | Directory Traversal vulnerability in novel plus before v.5.1.0 allows a remote attacker to execute arbitrary code via the filePath parameter. |
| CVE-2018-14672 | 1 Clickhouse | 1 Clickhouse | 2025-06-25 | 5.0 MEDIUM | 5.3 MEDIUM | In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages. |
| CVE-2025-47511 | 1 Welcart | 1 Welcart E-commerce | 2025-06-25 | N/A | 6.8 MEDIUM | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in nanbu Welcart e-Commerce allows Path Traversal. This issue affects Welcart e-Commerce: from n/a through 2.11.13. |
| CVE-2025-3686 | 1 Misstt123 | 1 Oasys | 2025-06-25 | 4.0 MEDIUM | 4.3 MEDIUM | A vulnerability classified as problematic was found in misstt123 oasys 1.0. Affected by this vulnerability is the function image of the file /show. The manipulation leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases is unavailable. |
| CVE-2025-48957 | 1 Astrbot | 1 Astrbot | 2025-06-25 | N/A | 7.5 HIGH | AstrBot is a large language model chatbot and development framework. A path traversal vulnerability present in versions 3.4.4 through 3.5.12 may lead to information disclosure, such as API keys for LLM providers, account passwords, and other sensitive data. The vulnerability has been addressed in Pull Request #1676 and is included in version 3.5.13. As a workaround, users can edit the `cmd_config.json` file to disable the dashboard feature as a temporary workaround. However, it is strongly recom ... |
| CVE-2025-50348 | 1 Phpgurukul | 1 Pre-school Enrollment System | 2025-06-25 | N/A | 7.5 HIGH | PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to Directory Traversal in update-class-pic.php. |
| CVE-2025-50349 | 1 Phpgurukul | 1 Pre-school Enrollment System | 2025-06-25 | N/A | 7.5 HIGH | PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to Directory Traversal in update-teacher-pic.php. |
| CVE-2025-48273 | 1 Wpjobportal | 1 Wp Job Portal | 2025-06-24 | N/A | 7.5 HIGH | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in wpjobportal WP Job Portal allows Path Traversal. This issue affects WP Job Portal: from n/a through 2.3.2. |
| CVE-2024-48766 | 1 Netalertx | 1 Netalertx | 2025-06-24 | N/A | 8.6 HIGH | NetAlertX 24.7.18 before 24.10.12 allows unauthenticated file reading because an HTTP client can ignore a redirect, and because of factors related to strpos and directory traversal, as exploited in the wild in May 2025. This is related to components/logs.php. |
| CVE-2025-48026 | | | 2025-06-24 | N/A | 7.5 HIGH | A vulnerability in the WebApl component of Mitel OpenScape Xpressions through V7R1 FR5 HF43 P913 could allow an unauthenticated attacker to conduct a path traversal attack due to insufficient input validation. A successful exploit could allow an attacker to read files from the underlying OS and obtain sensitive information. |
| CVE-2024-46327 | 1 Vonets | 2 Vap11g-300, Vap11g-300 Firmware | 2025-06-24 | N/A | 5.7 MEDIUM | An issue in the Http_handle object of VONETS VAP11G-300 v3.3.23.6.9 allows attackers to access sensitive files via a directory traversal. |
| CVE-2025-3577 | 1 Zyxel | 2 Amg1302-t10b, Amg1302-t10b Firmware | 2025-06-23 | N/A | 4.9 MEDIUM | **UNSUPPORTED WHEN ASSIGNED** A path traversal vulnerability in the web management interface of the Zyxel AMG1302-T10B firmware version 2.00(AAJC.16)C0 could allow an authenticated attacker with administrator privileges to access restricted directories by sending a crafted HTTP request to an affected device. |
| CVE-2024-35324 | 1 Douchat | 1 Douchat | 2025-06-23 | N/A | 9.8 CRITICAL | Douchat 4.0.5 suffers from an arbitrary file upload vulnerability via Public/Plugins/webuploader/server/preview.php. |
| CVE-2024-5154 | 2 Kubernetes, Redhat | 3 Cri-o, Enterprise Linux, Openshift Container Platform | 2025-06-23 | N/A | 8.1 HIGH | A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal ("../"). This flaw allows the container to read and write to arbitrary files on the host system. |
| CVE-2025-46096 | 1 Noear | 1 Solon | 2025-06-23 | N/A | 6.1 MEDIUM | Directory Traversal vulnerability in solon v.3.1.2 allows a remote attacker to conduct XSS attacks via the solon-faas-luffy component. |
| CVE-2025-29660 | 1 Yiiot | 2 Xy-3820, Xy-3820 Firmware | 2025-06-23 | N/A | 9.8 CRITICAL | A vulnerability exists in the daemon process of the Yi IOT XY-3820 v6.0.24.10, which exposes a TCP service on port 6789. This service lacks proper input validation, allowing attackers to execute arbitrary scripts present on the device by sending specially crafted TCP requests using directory traversal techniques. |
| CVE-2024-23904 | 1 Jenkins | 1 Log Command | 2025-06-20 | N/A | 7.5 HIGH | Jenkins Log Command Plugin 1.0.2 and earlier does not disable a feature of its command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read content from arbitrary files on the Jenkins controller file system. |
| CVE-2024-22523 | 1 Fuwushe | 1 Ifair | 2025-06-20 | N/A | 7.5 HIGH | Directory Traversal vulnerability in Qiyu iFair version 23.8_ad0 and before allows remote attackers to obtain sensitive information via the uploadimage component. |
| CVE-2023-52288 | 1 Sujeetkv | 1 Flaskcode | 2025-06-20 | N/A | 7.5 HIGH | An issue was discovered in the flaskcode package through 0.0.8 for Python. An unauthenticated directory traversal, exploitable with a GET request to a `/resource-data/<file_path>.txt` URI (from views.py), allows attackers to read arbitrary files. |
| CVE-2023-48166 | 1 Unify | 1 Openscape Voice | 2025-06-20 | N/A | 7.5 HIGH | A directory traversal vulnerability in the SOAP Server integrated in Atos Unify OpenScape Voice V10 before V10R3.26.1 allows a remote attacker to view the contents of arbitrary files in the local file system. An unauthenticated attacker might obtain sensitive files that allow for the compromise of the underlying system. |
| CVE-2024-57186 | 1 Erxes | 1 Erxes | 2025-06-20 | N/A | 5.4 MEDIUM | In Erxes <1.6.2, an unauthenticated attacker can read arbitrary files from the system using a Path Traversal vulnerability in the /read-file endpoint handler. |
| CVE-2024-57189 | 1 Erxes | 1 Erxes | 2025-06-20 | N/A | 5.4 MEDIUM | In Erxes <1.6.2, an authenticated attacker can write to arbitrary files on the system using a Path Traversal vulnerability in the importHistoriesCreate GraphQL mutation handler. |
| CVE-2024-35081 | 1 Luckyframe | 1 Luckyframeweb | 2025-06-18 | N/A | 7.5 HIGH | LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary file deletion vulnerability via the fileName parameter in the fileDownload method. |
| CVE-2023-45723 | 1 Hcltech | 1 Dryice Myxalytics | 2025-06-18 | N/A | 7.6 HIGH | HCL DRYiCE MyXalytics is impacted by a path traversal vulnerability which allows file upload capability. Certain endpoints permit users to manipulate the path (including the file name) where these files are stored on the server. |
| CVE-2025-50202 | | | 2025-06-18 | N/A | 7.5 HIGH | Lychee is a free photo-management tool. In versions starting from 6.6.6 to before 6.6.10, an attacker can leak local files including environment variables, nginx logs, other users' uploaded images, and configuration secrets due to a path traversal exploit in SecurePathController.php. This issue has been patched in version 6.6.10. |