CWE-23: Relative Path Traversal
395 active CVEs are classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE.
CVEs classified under CWE-23 (page 6 of 8)
- CVE-2025-0225 | MEDIUM | CVSS 4.3 | EG 4.3 | 2025-01-05
A vulnerability classified as problematic was found in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). Affected by this vulnerability is an unknown functionality of the file /setting/ClassFy/exampleDownload.html. The manipu…
- CVE-2025-0390 | MEDIUM | CVSS 5.3 | EG 5.3 | 2025-01-11
A vulnerability classified as critical was found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. This vulnerability affects unknown code of the file /wmOmNoticeHController.do. The manipulation leads to path traversal: '../…
- CVE-2025-0822 | MEDIUM | CVSS 6.5 | EG 6.5 | 2025-02-15
Bit Assist plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.5.2 via the fileID Parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the c…
- CVE-2025-10203 | HIGH | CVSS 7.8 | EG 7.8 | 2025-09-15
Relative path traversal vulnerability due to improper input validation in Digilent WaveForms that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .DWF3WORK fil…
- CVE-2025-10249 | MEDIUM | CVSS 6.5 | EG 6.5 | 2025-10-09
The Slider Revolution plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions in all versions up to, and including, 6.7.37. This makes it possible for authen…
- CVE-2025-1086 | MEDIUM | CVSS 5.3 | EG 5.3 | 2025-02-07
A vulnerability has been found in Safetytest Cloud-Master Server up to 1.1.1 and classified as critical. This vulnerability affects unknown code of the file /static/. The manipulation leads to path traversal: '../filedir'. The attack can b…
- CVE-2025-11898 | HIGH | CVSS 7.5 | EG 7.5 | 2025-10-17
Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.
- CVE-2025-12097 | HIGH | CVSS 7.5 | EG 7.5 | 2025-12-04
There is a relative path traversal vulnerability in the NI System Web Server that may result in information disclosure. Successful exploitation requires an attacker to send a specially crafted request to the NI System Web Server, allowin…
- CVE-2025-13161 | HIGH | CVSS 7.5 | EG 7.5 | 2025-11-14
IQ-Support developed by IQ Service International has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.
- CVE-2025-13199 | MEDIUM | CVSS 5.3 | EG 5.3 | 2025-11-15
A vulnerability was found in code-projects Email Logging Interface 2.0. Affected is an unknown function of the file signup.cpp. The manipulation of the argument Username results in path traversal: '../filedir'. The attack is only possible …
- CVE-2025-13771 | MEDIUM | CVSS 6.5 | EG 6.5 | 2025-11-28
WebITR developed by Uniong has an Arbitrary File Read vulnerability, allowing authenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.
- CVE-2025-15015 | HIGH | CVSS 7.5 | EG 7.5 | 2025-12-22
Enterprise Cloud Database developed by Ragic has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.
- CVE-2025-15225 | HIGH | CVSS 7.5 | EG 7.5 | 2025-12-29
WMPro developed by Sunnet has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to read arbitrary system files.
- CVE-2025-1584 | MEDIUM | CVSS 4.3 | EG 4.3 | 2025-02-23
A vulnerability classified as problematic was found in opensolon Solon up to 3.0.8. This vulnerability affects unknown code of the file solon-projects/solon-web/solon-web-staticfiles/src/main/java/org/noear/solon/web/staticfiles/StaticMapp…
- CVE-2025-1588 | MEDIUM | CVSS 6.5 | EG 6.5 | 2025-02-23
A vulnerability has been found in PHPGurukul Online Nurse Hiring System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/manage-nurse.php. The manipulation of the argument profilepic leads to path …
- CVE-2025-1599 | MEDIUM | CVSS 5.4 | EG 5.4 | 2025-02-24
A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/app/profile_crud.php. The manipulation of the argume…
- CVE-2025-20059 | CRITICAL | CVSS 9.1 | EG 9.1 | 2025-02-20
Relative Path Traversal vulnerability in Ping Identity PingAM Java Policy Agent allows Parameter Injection. This issue affects PingAM Java Policy Agent: through 5.10.3, through 2023.11.1, through 2024.9.
- CVE-2025-2007 | HIGH | CVSS 8.1 | EG 8.1 | 2025-04-01
The Import Export Suite for CSV and XML Datafeed plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteImage() function in all versions up to, and including, 7.19. This makes it…
- CVE-2025-2056 | HIGH | CVSS 7.5 | EG 7.5 | 2025-03-14
The WP Ghost (Hide My WP Ghost) – Security & Firewall plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 5.4.01 via the showFile function. This makes it possible for unauthenticated attackers to re…
- CVE-2025-22859 | MEDIUM | CVSS 5.3 | EG 5.3 | 2025-05-13
A Relative Path Traversal vulnerability [CWE-23] in FortiClientEMS 7.4.0 through 7.4.1 and FortiClientEMS Cloud 7.4.0 through 7.4.1 may allow a remote unauthenticated attacker to perform a limited arbitrary file write on the system via up…
- CVE-2025-22873 | LOW | CVSS 3.8 | EG 3.8 | 2026-02-04
It was possible to improperly access the parent directory of an os.Root by opening a filename ending in "../". For example, Root.Open("../") would open the parent directory of the Root. This escape only permits opening the parent directory…
- CVE-2025-23011 | HIGH | CVSS 8.8 | EG 8.8 | 2025-01-23
Fedora Repository 3.8.1 allows path traversal when extracting uploaded archives ("Zip Slip"). A remote, authenticated attacker can upload a specially crafted archive that will extract an arbitrary JSP file to a location that can be execute…
- CVE-2025-23360 | HIGH | CVSS 7.1 | EG 7.1 | 2025-03-11
NVIDIA Nemo Framework contains a vulnerability where a user could cause a relative path traversal issue by arbitrary file write. A successful exploit of this vulnerability may lead to code execution and data tampering.
- CVE-2025-23410 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-03-05
When uploading organism or sequence data via the web interface, GMOD Apollo will unzip and inspect the files and will not check for path traversal in supported archive types.
- CVE-2025-24343 | MEDIUM | CVSS 5.4 | EG 5.4 | 2025-04-30
A vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to write arbitrary files in arbitrary file system paths via a crafted HTTP request.
- CVE-2025-24350 | HIGH | CVSS 7.1 | EG 7.1 | 2025-04-30
A vulnerability in the “Certificates and Keys” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to write arbitrary certificates in arbitrary file system paths via a crafted HTTP r…
- CVE-2025-24819 | MEDIUM | CVSS 5.7 | EG 5.7 | 2026-04-07
Nokia MantaRay NM is vulnerable to a Relative Path Traversal vulnerability due to improper validation of input parameter on the file system in Software Manager application.
- CVE-2025-25048 | MEDIUM | CVSS 6.5 | EG 6.5 | 2025-09-04
IBM Jazz Foundation 7.0.2 through 7.0.2 iFix033, 7.0.3 through 7.0.3 iFix012, and 7.1.0 through 7.1.0 iFix002 could allow an authenticated user to upload files to the system due to improper neutralization of sequences that can resolve to a…
- CVE-2025-25130 | HIGH | CVSS 7.5 | EG 7.5 | 2025-03-03
Relative Path Traversal vulnerability in Shah Alom Delete Comments By Status delete-comments-by-status allows Path Traversal. This issue affects Delete Comments By Status: from n/a through <= 2.1.1.
- CVE-2025-26349 | HIGH | CVSS 7.2 | EG 7.2 | 2025-02-12
A CWE-23 "Relative Path Traversal" in the file upload mechanism in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to overwrite arbitrary files via crafted HTTP requests.
- CVE-2025-26645 | HIGH | CVSS 8.8 | EG 8.8 | 2025-03-11
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
- CVE-2025-27410 | MEDIUM | CVSS 6.5 | EG 6.5 | 2025-02-28
PwnDoc is a penetration test reporting application. Prior to version 1.2.0, the backup restore functionality is vulnerable to path traversal in the TAR entry's name, allowing an attacker to overwrite any file on the system with their conte…
- CVE-2025-27553 | HIGH | CVSS 7.5 | EG 7.5 | 2025-03-23
Relative Path Traversal vulnerability in Apache Commons VFS before 2.10.0. The FileObject API in Commons VFS has a 'resolveFile' method that takes a 'scope' parameter. Specifying 'NameScope.DESCENDENT' promises that "an exception is throw…
- CVE-2025-27610 | HIGH | CVSS 7.5 | EG 7.5 | 2025-03-10
Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.13, 3.0.14, and 3.1.12, `Rack::Static` can serve files under the specified `root:` even if `urls:` are provided, which may expose other files under t…
- CVE-2025-27791 | HIGH | CVSS 8.3 | EG 0.0 | 2025-04-15
Collabora Online is a collaborative online office suite based on LibreOffice technology. In versions prior to 24.04.12.4, 23.05.19, and 22.05.25, there is a path traversal flaw in handling the CheckFileInfo BaseFileName field returned from…
- CVE-2025-2961 | MEDIUM | CVSS 4.3 | EG 4.3 | 2025-03-30
A vulnerability classified as problematic was found in opensolon up to 3.1.0. This vulnerability affects the function render_mav of the file /aa of the component org.noear.solon.core.handle.RenderManager. The manipulation of the argument t…
- CVE-2025-29789 | HIGH | CVSS 7.5 | EG 7.5 | 2025-03-25
OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 7.3.0 are vulnerable to Directory Traversal in the Load Code feature. Version 7.3.0 contains a patch for the issue.
- CVE-2025-30159 | CRITICAL | CVSS 9.1 | EG 9.1 | 2025-05-13
Kirby is an open-source content management system. A vulnerability in versions prior to 3.9.8.3, 3.10.1.2, and 4.7.1 affects all Kirby sites that use the `snippet()` helper or `$kirby->snippet()` method with a dynamic snippet name (such as…
- CVE-2025-30207 | HIGH | CVSS 7.5 | EG 7.5 | 2025-05-13
Kirby is an open-source content management system. A vulnerability in versions prior to 3.9.8.3, 3.10.1.2, and 4.7.1 affects all Kirby setups that use PHP's built-in server. Such setups are commonly only used during local development. Site…
- CVE-2025-31493 | CRITICAL | CVSS 9.1 | EG 9.1 | 2025-05-13
Kirby is an open-source content management system. A vulnerability in versions prior to 3.9.8.3, 3.10.1.2, and 4.7.1 affects all Kirby sites that use the `collection()` helper or `$kirby->collection()` method with a dynamic collection name…
- CVE-2025-32017 | HIGH | CVSS 8.8 | EG 8.8 | 2025-04-08
Umbraco is a free and open source .NET content management system. Authenticated users to the Umbraco backoffice are able to craft management API requests that exploit a path traversal vulnerability to upload files into an incorrect location.…
- CVE-2025-32137 | MEDIUM | CVSS 4.9 | EG 4.9 | 2025-04-04
Relative Path Traversal vulnerability in Cristián Lávaque s2Member s2member allows Path Traversal. This issue affects s2Member: from n/a through <= 250419.
- CVE-2025-32409 | HIGH | CVSS 8.1 | EG 8.1 | 2025-04-07
Ratta SuperNote A6 X2 Nomad before December 2024 allows remote code execution because an arbitrary firmware image (signed with debug keys) can be sent to TCP port 60002, and placed into the correct image-update location as a consequence of…
- CVE-2025-33112 | HIGH | CVSS 8.4 | EG 8.4 | 2025-06-10
IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to exploit a vulnerability to execute arbitrary code due to improper neutralization of pathname input.
- CVE-2025-3365 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-06-06
A missing protection against path traversal allows access to any file on the server.
- CVE-2025-34510 | HIGH | CVSS 8.8 | EG 9.0 | 2025-06-17
Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions 9.0 through 9.3 and 10.0 through 10.4 are affected by a Zip Slip vulnerability. A remote, authenticated attacker can exploit this issue by se…
- CVE-2025-40605 | MEDIUM | CVSS 5.3 | EG 5.3 | 2025-11-20
A Path Traversal vulnerability has been identified in the Email Security appliance that allows an attacker to manipulate file system paths by injecting crafted directory-traversal sequences (such as ../) and may access files and directories out…
- CVE-2025-41268 | CRITICAL | CVSS 9.1 | EG 9.1 | 2026-05-29
Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Administration WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to delete arbitrary files on the …
- CVE-2025-41271 | HIGH | CVSS 7.5 | EG 7.5 | 2026-05-29
Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to read arbitrary files from the device.
- CVE-2025-41280 | HIGH | CVSS 7.8 | EG 7.8 | 2026-05-29
Nozomi Networks Labs identified a CWE-23: Relative Path Traversal (Zip Slip) in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 that allows attackers with access to the TX Host to execute code on the RX Host when a MySQL connector …
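Nearly every entry above reduces to one missing check: a caller-supplied name containing `../` is joined onto a base directory and used as-is, whether it arrives as a download parameter (`'../filedir'`), as an archive entry name (the Zip Slip cases CVE-2025-23011, CVE-2025-23410, CVE-2025-27410, CVE-2025-34510 and CVE-2025-41280), or as a bare trailing `../` that opens the parent directory (the `os.Root` case in CVE-2025-22873). The Go program below is an added example written for this page, not code from any product or library listed here. It assumes a POSIX host; the base directories, file names and archive entry names are constructed, and nothing is read from or written to disk.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrTraversal is returned when a caller-supplied path would resolve outside the base directory.
var ErrTraversal = errors.New("path escapes base directory")

// SafeJoin joins an untrusted relative path onto base and returns the absolute
// result only if it is a descendant of base. The check is lexical: filepath.Join
// collapses "." and ".." segments, and filepath.Rel then proves the result does
// not climb above base. A result equal to base itself (rel == ".") is allowed;
// callers that serve single files should additionally reject directories.
func SafeJoin(base, untrusted string) (string, error) {
	if untrusted == "" {
		return "", errors.New("empty path")
	}
	// Archive entries and URL paths use '/'. A backslash is a literal filename
	// byte on POSIX but a separator on Windows, so refuse it rather than let the
	// outcome depend on the host. NUL bytes never belong in a path.
	if strings.ContainsAny(untrusted, "\\\x00") {
		return "", ErrTraversal
	}
	if filepath.IsAbs(untrusted) {
		return "", ErrTraversal
	}
	absBase, err := filepath.Abs(base)
	if err != nil {
		return "", err
	}
	candidate := filepath.Join(absBase, untrusted) // cleaned: a bare "../" becomes the parent of base
	rel, err := filepath.Rel(absBase, candidate)
	if err != nil {
		return "", err
	}
	// "..hidden/x" is a legitimate name inside base; only a leading ".." segment escapes.
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrTraversal
	}
	return candidate, nil
}

// PlanExtraction validates every archive entry name against destDir before any
// file is written, so one hostile entry rejects the whole archive instead of
// leaving a partially extracted tree behind. Entry names are taken verbatim from
// the archive (zip.File.Name or tar.Header.Name); a trailing '/' marks a directory.
func PlanExtraction(destDir string, entryNames []string) (map[string]string, error) {
	targets := make(map[string]string, len(entryNames))
	for _, name := range entryNames {
		target, err := SafeJoin(destDir, name)
		if err != nil {
			return nil, fmt.Errorf("entry %q: %w", name, err)
		}
		targets[name] = target
	}
	return targets, nil
}

func main() {
	base := "/srv/files" // constructed base directory; never touched on disk

	// Constructed inputs modelled on the patterns in this list: plain "../" escapes,
	// a bare "../", an absolute path, a Windows-style separator, and a safe look-alike.
	for _, p := range []string{
		"reports/q1.pdf",
		"../../etc/passwd",
		"reports/../../../etc/passwd",
		"../",
		"/etc/passwd",
		"a\\..\\..\\x",
		"..hidden/notes.txt",
	} {
		if out, err := SafeJoin(base, p); err != nil {
			fmt.Printf("%-32q rejected: %v\n", p, err)
		} else {
			fmt.Printf("%-32q -> %s\n", p, out)
		}
	}

	// Zip Slip: one bad entry rejects the archive before extraction starts.
	_, err := PlanExtraction("/var/lib/app/uploads", []string{"app/index.html", "../../outside.txt"})
	fmt.Println("archive:", err)
}
```

Two caveats a practitioner should carry over. First, run the check on the exact string the filesystem will see: if the framework leaves `%2e%2e%2f` undecoded, decode once and then check, and never decode again afterwards. Second, the check is lexical and does not follow symlinks; if base may contain links pointing outside it, resolve the accepted path with `filepath.EvalSymlinks` once it exists and re-apply the same `Rel` test before opening it, or extract under a directory the attacker cannot have pre-populated.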
Map vulnerabilities like CWE-23 to your infrastructure
EchelonGraph correlates every CVE — across CWE-23 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.