CWE-22: Path Traversal

This vulnerability allows unauthenticated attackers to read arbitrary files from a specific directory in Zimbra Collaboration Suite. It affects Zimbra...

An unauthenticated directory traversal vulnerability in Vonets industrial wifi bridge devices allows remote attackers to read arbitrary files and bypa...

CVE-2024-6781 is a path traversal vulnerability in Calibre ebook management software that allows unauthenticated attackers to read arbitrary files fro...

This CVE describes a path traversal vulnerability in Cybonet software that allows attackers to access files outside the intended directory. Attackers ...

A path traversal vulnerability in SKYSEA Client View allows authenticated users on Windows systems to execute arbitrary executable files by manipulati...

This vulnerability in the Ultimate Classified Listings WordPress plugin allows unauthenticated attackers to access arbitrary PHP files on the server t...

This CVE describes a directory traversal vulnerability in Severalnines Cluster Control's CMON API that allows remote attackers to read arbitrary files...

This vulnerability in GeoServer allows attackers to bypass input validation and read arbitrary classpath resources with specific file extensions when ...

A path traversal vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to delete other users' chat histories and any .json file...

This path traversal vulnerability in Adobe Acrobat Mobile Sign for Android allows attackers to bypass directory restrictions and access or overwrite f...

This path traversal vulnerability in the Ovic Importer WordPress plugin allows attackers to download arbitrary files from the server by manipulating f...

This path traversal vulnerability in the Strategery Migrations WordPress plugin allows attackers to delete arbitrary files on the server. It affects a...

This CVE describes a local file inclusion vulnerability in gradio-app/gradio version 4.25. Attackers can exploit improper JSON parsing in the postproc...

This path traversal vulnerability in BoldGrid Total Upkeep WordPress plugin allows attackers to download arbitrary files from the server by manipulati...

CVE-2023-40297 is a directory traversal vulnerability in Stakater Forecastle that allows attackers to access files outside the intended web directory ...

CmsEasy v7.7.7.9 contains a local file inclusion vulnerability in the fckedit_action method of /admin/template_admin.php that allows attackers to read...

This vulnerability allows remote attackers to read arbitrary files on LG SuperSign Media Editor systems without authentication. Attackers can exploit ...

This vulnerability in LG Simple Editor allows remote attackers to read sensitive files on the system without authentication. Attackers can exploit a d...

This directory traversal vulnerability in ProQuality pqprintshippinglabels allows attackers to access files outside the intended directory via the mod...

A path traversal vulnerability in MLflow allows attackers to use ';' characters in URL parameters to access unauthorized files or directories. This af...

This path traversal vulnerability in MLflow allows attackers to read arbitrary files on the server by exploiting improper validation of the source par...

This vulnerability allows remote attackers to perform directory traversal attacks on IBM Maximo Application Suite systems. By sending specially crafte...

CVE-2024-27575 is an absolute path traversal vulnerability in INOTEC Sicherheitstechnik WebServer CPS220/64 version 3.3.19 that allows remote attacker...

This vulnerability allows attackers to perform directory traversal attacks on Allied Telesis AT-S115 1.2.0 devices, enabling partial unauthorized acce...

CVE-2024-23721 is a directory traversal vulnerability in Draytek Vigor3910 devices that allows attackers to access sensitive system files by manipulat...

This vulnerability allows authenticated attackers to perform directory path traversal attacks in OpenClinic GA by manipulating the Page parameter in G...

This vulnerability allows unauthenticated remote attackers to read arbitrary local files on Appwrite servers via directory traversal in the ACME-chall...

OpenRefine versions up to 3.7.7 contain a JDBC attack vulnerability that allows attackers to read arbitrary files on the host filesystem. This occurs ...

This vulnerability in Software FX Chart FX 7 allows attackers to perform directory traversal attacks by sending specially crafted web requests, enabli...

A directory traversal vulnerability in LiveConfig before version 2.5.2 allows remote attackers to access sensitive files outside the intended director...

CVE-2024-24756 is a path traversal vulnerability in Crafatar that allows attackers to read files outside the intended public directory. Affected syste...

A directory traversal vulnerability in Qiyu iFair's uploadimage component allows remote attackers to access sensitive files outside the intended direc...

CVE-2023-48383 is a path traversal vulnerability in NetVision airPASS that allows unauthenticated remote attackers to bypass authentication and downlo...

CVE-2023-52288 is a directory traversal vulnerability in flaskcode versions up to 0.0.8 that allows unauthenticated attackers to read arbitrary files ...

A directory traversal vulnerability in the SOAP Server of Atos Unify OpenScape Voice V10 allows unauthenticated remote attackers to read arbitrary fil...

CVE-2024-22050 is a path traversal vulnerability in Iodine's static file service that allows unauthenticated remote attackers to read files outside th...

This directory traversal vulnerability in Automatic Systems SOC FL9600 FirstLane allows remote attackers to read sensitive files on the system by mani...

This CVE describes a directory traversal vulnerability in fuwushe.org iFair software versions 23.8_ad0 and earlier. Attackers can exploit this vulnera...

The Backup Migration plugin for WordPress has a path traversal vulnerability that allows unauthenticated attackers to delete arbitrary files via manip...

The MW WP Form WordPress plugin has a vulnerability allowing unauthenticated attackers to delete arbitrary files on the server, including critical Wor...

CVE-2023-50264 is an arbitrary file read vulnerability in Bazarr subtitle management software. Attackers can read any file on the system by manipulati...

ITPison OMICARD EDM has a path traversal vulnerability in the 'FileName' parameter that allows unauthenticated remote attackers to bypass authenticati...

CVE-2023-48660 is an arbitrary file read vulnerability in Dell vApp Manager that allows remote attackers to read arbitrary files from the target syste...

This vulnerability in HL7 FHIR Core Libraries allows attackers to perform directory traversal during package decompression, enabling arbitrary file wr...

JFinalCMS 5.0.0 contains a directory traversal vulnerability that allows remote attackers to read arbitrary files on the server. Attackers can exploit...

CVE-2023-46307 is a directory traversal vulnerability in etcd-browser that allows attackers to read arbitrary files on the server by manipulating URL ...

Delta Electronics InfraSuite Device Master v1.0.7 contains a path traversal vulnerability (CWE-22) that allows unauthenticated attackers to access sen...

This vulnerability in Apache Tiles allows attackers to perform path traversal attacks when user-controlled data is passed to the DefaultLocaleResolver...

CVE-2023-48848 is an arbitrary file read vulnerability in ureport v2.2.9 that allows remote attackers to read sensitive files on the server by manipul...

This CVE describes a directory traversal vulnerability in TerraMaster NAS devices that allows remote attackers to access sensitive files outside the i...