CWE-22— Path Traversal

An issue in the CAB file extraction function of Bitberry File Opener v23.0 allows attackers to execute a directory traversal.

i-doit Pro v25 and below was discovered to be vulnerable to path traversal.

An issue in the emqx_sn plugin of EMQX v4.3.8 allows attackers to execute a directory traversal via uploading a crafted .txt file.

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in By Averta Shortcodes and extra features for Phlox theme allows PHP Local File Inclusion.This issue affects Shortcodes and extra features for Ph…

Nuclei is a vulnerability scanner. Prior to version 2.9.9, a security issue in the Nuclei project affected users utilizing Nuclei as Go code (SDK) running custom templates. This issue did not affect CLI users. The problem was related to sa…

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 3.5-milestone-1 and prior to versions 14.10.8 and 15.3-rc-1, triggering the office converter with a specially craf…

An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability [CWE-22] in FortiVoiceEntreprise version 7.0.0 and before 6.4.7 allows an authenticated attacker to read arbitrary files from the system via se…

Jenkins MathWorks Polyspace Plugin 1.0.5 and earlier allows attackers with Item/Configure permission to send emails with arbitrary files from the Jenkins controller file systems.

IBM Cloud Pak System 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, and 2.3.4.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot…

IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the s…

Softing edgeAggregator Restore Configuration Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. Authentication …

The Jupiter X Core plugin for WordPress is vulnerable to arbitrary file downloads in versions up to, and including, 4.6.6. This makes it possible for unauthenticated attackers to download the contents of arbitrary files on the server, whic…

Azure Arc-Enabled Servers Elevation of Privilege Vulnerability

Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 vulnerable to a path traversal attack, which could allow an attacker to access files stored on the system.

A directory traversal vulnerability in Valve Counter-Strike 8684 allows a client (with remote control access to a game server) to read arbitrary files from the underlying server via the motdfile console variable.

rswag before 2.10.1 allows remote attackers to read arbitrary JSON and YAML files via directory traversal, because rswag-api can expose a file that is not the OpenAPI (or Swagger) specification file of a project.

An issue was discovered in Wind River VxWorks 6.9 and 7. The function ``tarExtract`` implements TAR file extraction and thereby also processes files within an archive that have relative or absolute file paths. A developer using the "tarExt…

IBM Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view…

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Averta Phlox Portfolio allows PHP Local File Inclusion.This issue affects Phlox Portfolio: from n/a through 2.3.1.

iTop is an IT service management platform. Dashboard editor : can load multiple files and URL, and full path disclosure on dashboard config file. This vulnerability is fixed in 3.0.4 and 3.1.1.

A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../…

cypress-image-snapshot shows visual regressions in Cypress with jest-image-snapshot. Prior to version 8.0.2, it's possible for a user to pass a relative file path for the snapshot name and reach outside of the project directory into the ma…

Knowage is an open source analytics and business intelligence suite. Starting in the 6.x.x branch and prior to version 8.1.8, the endpoint `/knowage/restful-services/dossier/importTemplateFile` allows authenticated users to upload `templat…

Pimcore is an Open Source Data & Experience Management Platform: PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce. A path traversal vulnerability exists in the `AssetController::importServerFilesAction`, which allows an attacker to overwrite…

The Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to read arbitrary files via a directory traversal vulnerability in the 'filename' parameter of 'DownloadWindow.php'.

A path traversal vulnerability in the iclock API of ZKTeco BioTime v8.5.5 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload. This vulnerability was fixed in version 9.0.120240617.19506 of ZKBioTime.

ZKTeco BioTime 8.5.5 through 9.x before 9.0.1 (20240617.19506) allows authenticated attackers to create or overwrite arbitrary files on the server via crafted requests to /base/sftpsetting/ endpoints that abuse a path traversal issue in th…

A path traversal vulnerability in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload.

A directory traversal vulnerability in the Captive Portal templates of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary system commands as root via a crafted ZIP archive.

Directory Traversal vulnerability in FileMage Gateway Windows Deployments v.1.10.8 and before allows a remote attacker to obtain sensitive information via a crafted request to the /mgmt/ component.

An issue in Zip Swift v2.1.2 allows attackers to execute a path traversal attack via a crafted zip entry.

An issue in ZIPFoundation v0.9.16 allows attackers to execute a path traversal via extracting a crafted zip file.

An issue in Archive v3.3.7 allows attackers to execute a path traversal via extracting a crafted zip file.

webui-aria2 commit 4fe2e was discovered to contain a path traversal vulnerability.

PaperCut NG and PaperCut MF before 22.1.3 on Windows allow path traversal, enabling attackers to upload, read, or delete arbitrary files. This leads to remote code execution when external device integration is enabled (a very common config…

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Averta Phlox Shop allows PHP Local File Inclusion.This issue affects Phlox Shop: from n/a through 2.0.0.

A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulner…

A previously disclosed vulnerability (CVE-2023-30584) was patched insufficiently in commit 205f1e6. The new path traversal vulnerability arises because the implementation does not protect itself against the application overwriting built-in…

Various `node:fs` functions allow specifying paths as either strings or `Uint8Array` objects. In Node.js environments, the `Buffer` class extends the `Uint8Array` class. Node.js prevents path traversal through strings (see CVE-2023-30584) …

A vulnerability exists on all versions of Ivanti Policy Secure below 22.6R1 where an authenticated administrator can perform an arbitrary file read via a maliciously crafted web request.

Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.

Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.

Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.

The Watchkit has a risk of unauthorized file access.Successful exploitation of this vulnerability may affect confidentiality and integrity.

Path traversal vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to alter or create arbitrary files on the server, resulting in arbitrary code execution.

Triangle MicroWorks SCADA Data Gateway Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Use…

Triangle MicroWorks SCADA Data Gateway Event Log Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Triangle MicroWorks SCADA Data Ga…

PDF-XChange Editor createDataObject Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required…

PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, in the back office, files can be compromised using path traversal by replaying the import file deletion query with a specified file path that uses the travers…

PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, the `displayAjaxEmailHTML` method can be used to read any file on the server, potentially even outside of the project if the server is not correctly configure…