Total: 369 CVE

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2024-7058 | 1 Lollms | 1 Lollms Web Ui | 2025-07-08 | N/A | 4.4 MEDIUM | A vulnerability in the sanitize_path function in parisneo/lollms-webui v10 - latest allows an attacker to bypass path sanitization by using relative paths such as './'. This can lead to unauthorized access to directories within the personality_folder on the victim's computer. |
| CVE-2012-5972 | 1 Specview | 1 Specview | 2025-07-07 | 2.6 LOW | N/A | Directory traversal vulnerability in the web server in SpecView 2.5 build 853 and earlier allows remote attackers to read arbitrary files via a ... (dot dot dot) in a URI. |
| CVE-2025-26645 | 1 Microsoft | 16 Remote Desktop Client, Windows 10 1507, Windows 10 1607 and 13 more | 2025-07-07 | N/A | 8.8 HIGH | Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
| CVE-2012-6069 | 1 3s-software | 1 Codesys Runtime System | 2025-07-02 | 10.0 HIGH | 10.0 CRITICAL | The CoDeSys Runtime Toolkit's file transfer functionality does not perform input validation, which allows an attacker to access files and directories outside the intended scope. This may allow an attacker to upload and download any file on the device. This could allow the attacker to affect the availability, integrity, and confidentiality of the device. |
| CVE-2025-52207 | | | 2025-06-30 | N/A | 9.9 CRITICAL | PBXCoreREST/Controllers/Files/PostController.php in MikoPBX through 2024.1.114 allows uploading a PHP script to an arbitrary directory. |
| CVE-2024-52012 | 1 Apache | 1 Solr | 2025-06-27 | N/A | 5.4 MEDIUM | Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the "configset upload" API. Commonly known as a "zipslip", maliciously constructed ZIP files can use relative filepaths to write data to unanticipated parts of the filesystem. This issue affects Apache Solr: from 6.6 through 9.7.0. Users are recommended to upgrade to version 9.8.0, which fixes the issue. Users unable ... |
| CVE-2025-48957 | 1 Astrbot | 1 Astrbot | 2025-06-25 | N/A | 7.5 HIGH | AstrBot is a large language model chatbot and development framework. A path traversal vulnerability present in versions 3.4.4 through 3.5.12 may lead to information disclosure, such as API keys for LLM providers, account passwords, and other sensitive data. The vulnerability has been addressed in Pull Request #1676 and is included in version 3.5.13. As a workaround, users can edit the `cmd_config.json` file to disable the dashboard feature as a temporary workaround. However, it is strongly recom ... |
| CVE-2025-52922 | | | 2025-06-23 | N/A | 7.4 HIGH | Innoshop through 0.4.1 allows directory traversal via FileManager API endpoints. An authenticated attacker with access to the admin panel could abuse this to: (1) fully map the filesystem structure via the /api/file_manager/files?base_folder= endpoint, (2) create arbitrary directories on the server via the /api/file_manager/directories endpoint, (3) read arbitrary files from the server by copying the file to a readable location within the application via the /api/file_manager/copy_files endpoint ... |
| CVE-2025-2056 | 1 Wpplugins | 1 Hide My Wp Ghost | 2025-06-20 | N/A | 7.5 HIGH | The WP Ghost (Hide My WP Ghost) – Security & Firewall plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 5.4.01 via the showFile function. This makes it possible for unauthenticated attackers to read the contents of specific file types on the server, which can contain sensitive information. |
| CVE-2024-2318 | 1 Zkteco | 1 Zkbio Media | 2025-06-10 | 4.0 MEDIUM | 4.3 MEDIUM | A vulnerability was found in ZKTeco ZKBio Media 2.0.0_x64_2024-01-29-1028. It has been classified as problematic. Affected is an unknown function of the file /pro/common/download of the component Service Port 9999. The manipulation of the argument fileName with the input ../../../../zkbio_media.sql leads to path traversal: '../filedir'. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.1.3 Build 2025-05-26-1605 is a ... |
| CVE-2025-3365 | | | 2025-06-06 | N/A | 9.8 CRITICAL | A missing protection against path traversal allows access to any file on the server. |
| CVE-2025-49466 | | | 2025-06-05 | N/A | 5.8 MEDIUM | aerc before 93bec0d allows directory traversal in commands/msgview/open.go because of direct path concatenation of the name of an attachment part, |
| CVE-2023-34990 | 1 Fortinet | 1 Fortiwlm | 2025-06-05 | N/A | 9.8 CRITICAL | A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows an attacker to execute unauthorized code or commands via specially crafted web requests. |
| CVE-2023-35816 | 1 Devexpress | 1 Devexpress | 2025-06-05 | N/A | 3.5 LOW | DevExpress before 23.1.3 allows arbitrary TypeConverter conversion. |
| CVE-2024-27199 | 1 Jetbrains | 1 Teamcity | 2025-05-30 | N/A | 7.3 HIGH | In JetBrains TeamCity before 2023.11.4, a path traversal allowing limited admin actions to be performed was possible. |
| CVE-2018-5448 | 1 Medtronic | 2 2090 Carelink Programmer, 2090 Carelink Programmer Firmware | 2025-05-22 | 2.7 LOW | 4.8 MEDIUM | Medtronic 2090 CareLink Programmer's software deployment network contains a directory traversal vulnerability that could allow an attacker to read files on the system. |
| CVE-2025-47788 | | | 2025-05-19 | N/A | N/A | Atheos is a self-hosted browser-based cloud IDE. Prior to v602, similar to GHSA-rgjm-6p59-537v/CVE-2025-22152, the `$target` parameter in `/controller.php` was not properly validated, which could allow an attacker to execute arbitrary files on the server via path traversal. v602 contains a fix for the issue. |
| CVE-2025-46433 | 1 Jetbrains | 1 Teamcity | 2025-05-16 | N/A | 4.9 MEDIUM | In JetBrains TeamCity before 2025.03.1, improper path validation in the loggingPreset parameter was possible. |
| CVE-2024-24940 | 1 Jetbrains | 1 Intellij Idea | 2025-05-15 | N/A | 2.8 LOW | In JetBrains IntelliJ IDEA before 2023.3.3, path traversal was possible when unpacking archives. |
| CVE-2024-20352 | 1 Cisco | 1 Emergency Responder | 2025-05-07 | N/A | 4.9 MEDIUM | A vulnerability in Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a directory traversal attack, which could allow the attacker to perform arbitrary actions on an affected device. This vulnerability is due to insufficient protections for the web UI of an affected system. An attacker could exploit this vulnerability by sending crafted requests to the web UI. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of th ... |
| CVE-2025-29789 | 1 Open-emr | 1 Openemr | 2025-05-06 | N/A | 7.5 HIGH | OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 7.3.0 are vulnerable to Directory Traversal in the Load Code feature. Version 7.3.0 contains a patch for the issue. |
| CVE-2025-24343 | | | 2025-05-02 | N/A | 5.4 MEDIUM | A vulnerability in the "Manages app data" functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to write arbitrary files in arbitrary file system paths via a crafted HTTP request. |
| CVE-2025-24350 | | | 2025-05-02 | N/A | 7.1 HIGH | A vulnerability in the "Certificates and Keys" functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to write arbitrary certificates in arbitrary file system paths via a crafted HTTP request. |
| CVE-2022-42892 | 1 Siemens | 1 Syngo Dynamics Cardiovascular Imaging And Information System | 2025-04-30 | N/A | 5.3 MEDIUM | A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). The syngo Dynamics application server hosts a web service using an operation with improper write access control that could allow directory listing in any folder accessible to the account assigned to the website's application pool. |
| CVE-2022-4123 | 2 Fedoraproject, Podman Project | 2 Fedora, Podman | 2025-04-22 | N/A | 3.3 LOW | A flaw was found in Buildah. The local path and the lowest subdirectory may be disclosed due to incorrect absolute path traversal, resulting in an impact to confidentiality. |
| CVE-2017-13996 | 1 Loytec | 2 Lvis-3me, Lvis-3me Firmware | 2025-04-20 | 6.5 MEDIUM | 8.8 HIGH | A Relative Path Traversal issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web user interface fails to prevent access to critical files that non-administrative users should not have access to, which could allow an attacker to create or modify files or execute arbitrary code. |
| CVE-2021-22650 | 1 Ovarro | 15 Tbox Lt2-530, Tbox Lt2-530 Firmware, Tbox Lt2-532 and 12 more | 2025-04-17 | N/A | 7.5 HIGH | An attacker may use TWinSoft and a malicious source project file (TPG) to extract files on a machine executing Ovarro TWinSoft, which could lead to code execution. |
| CVE-2025-27791 | | | 2025-04-16 | N/A | N/A | Collabora Online is a collaborative online office suite based on LibreOffice technology. In versions prior to 24.04.12.4, 23.05.19, and 22.05.25, there is a path traversal flaw in handling the CheckFileInfo BaseFileName field returned from WOPI servers. This allows for a file to be written anywhere the uid running Collabora Online can write, if such a response was supplied by a malicious WOPI server. By combining this flaw with a Time of Check, Time of Use DNS lookup issue with a WOPI server add ... |
| CVE-2025-27410 | 1 Pwndoc Project | 1 Pwndoc | 2025-04-16 | N/A | 6.5 MEDIUM | PwnDoc is a penetration test reporting application. Prior to version 1.2.0, the backup restore functionality is vulnerable to path traversal in the TAR entry's name, allowing an attacker to overwrite any file on the system with their content. By overwriting an included `.js` file and restarting the container, this allows for Remote Code Execution as an administrator. The remote code execution occurs because any user with the `backups:create` and `backups:update` (only administrators by default) ... |
| CVE-2023-0511 | 1 Forgerock | 1 Java Policy Agents | 2025-04-14 | N/A | 9.1 CRITICAL | Relative Path Traversal vulnerability in ForgeRock Access Management Java Policy Agent allows Authentication Bypass. This issue affects Access Management Java Policy Agent: all versions up to 5.10.1. |
| CVE-2023-0339 | 1 Forgerock | 1 Web Policy Agents | 2025-04-14 | N/A | 9.1 CRITICAL | Relative Path Traversal vulnerability in ForgeRock Access Management Web Policy Agent allows Authentication Bypass. This issue affects Access Management Web Policy Agent: all versions up to 5.10.1. |
| CVE-2025-32409 | | | 2025-04-08 | N/A | 8.1 HIGH | Ratta SuperNote A6 X2 Nomad before December 2024 allows remote code execution because an arbitrary firmware image (signed with debug keys) can be sent to TCP port 60002, and placed into the correct image-update location as a consequence of both directory traversal and unintended handling of concurrency. |
| CVE-2025-32137 | | | 2025-04-07 | N/A | 4.9 MEDIUM | Relative Path Traversal vulnerability in Cristián Lávaque s2Member allows Path Traversal. This issue affects s2Member: from n/a through 250214. |
| CVE-2025-27553 | 1 Apache | 1 Commons Vfs | 2025-04-02 | N/A | 7.5 HIGH | Relative Path Traversal vulnerability in Apache Commons VFS before 2.10.0. The FileObject API in Commons VFS has a 'resolveFile' method that takes a 'scope' parameter. Specifying 'NameScope.DESCENDENT' promises that "an exception is thrown if the resolved file is not a descendent of the base file". However, when the path contains encoded ".." characters (for example, "%2E%2E/bar.txt"), it might return file objects that are not a descendent of the base file, without throwing an exception. This i ... |
| CVE-2025-2961 | | | 2025-04-01 | 4.0 MEDIUM | 4.3 MEDIUM | A vulnerability classified as problematic was found in opensolon up to 3.1.0. This vulnerability affects the function render_mav of the file /aa of the component org.noear.solon.core.handle.RenderManager. The manipulation of the argument template with the input ../org/example/HelloApp.class leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. |
| CVE-2025-2007 | | | 2025-04-01 | N/A | 8.1 HIGH | The Import Export Suite for CSV and XML Datafeed plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteImage() function in all versions up to, and including, 7.19. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). |
| CVE-2024-9363 | | | 2025-03-20 | N/A | 7.5 HIGH | An unauthorized file deletion vulnerability exists in the latest version of the Polyaxon platform, which can lead to denial of service by terminating critical containers. An attacker can delete important files within the containers, such as `polyaxon.sock`, causing the API container to exit unexpectedly. This disrupts related services and prevents the system from functioning normally, without requiring authentication or UUID parameters. |
| CVE-2024-32115 | 1 Fortinet | 1 Fortimanager | 2025-03-19 | N/A | 5.5 MEDIUM | A relative path traversal vulnerability [CWE-23] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5 allows a privileged attacker to delete files from the underlying filesystem via crafted HTTP or HTTPS requests. |
| CVE-2024-12019 | | | 2025-03-14 | N/A | N/A | The API used to interact with documents in the application contains a flaw that allows an authenticated attacker to read the contents of files on the underlying operating system. An account with 'read' and 'download' privileges on at least one existing document in the application is required to exploit the vulnerability. Exploitation of this vulnerability would allow an attacker to read the contents of any file available within the privileges of the system user running the application. |
| CVE-2024-27770 | 1 Unitronics | 1 Unilogic | 2025-03-10 | N/A | 8.8 HIGH | Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-23: Relative Path Traversal |