CWE-22: Path Traversal

CVE-2022-23347 is a directory traversal vulnerability in BigAnt Server that allows attackers to access files outside the intended directory. This affe...

CVE-2022-25249 is a directory traversal vulnerability in Axeda agent and Axeda Desktop Server for Windows that allows remote unauthenticated attackers...

This CVE describes a path traversal vulnerability in D-Link DAP-1620 devices that allows attackers to read sensitive system files like /etc/passwd and...

This vulnerability in Qt allows attackers to load malicious system library files from unintended directories, potentially leading to arbitrary code ex...

This CVE describes a directory traversal vulnerability in WeBankPartners wecube-platform version 3.2.1 that allows attackers to read arbitrary files o...

CVE-2022-23612 is a path traversal vulnerability in OpenMRS that allows attackers to exfiltrate arbitrary files from the server. The vulnerability aff...

CVE-2022-25298 is a directory traversal vulnerability in sprinfall/webcc that allows attackers to access arbitrary files on the server by manipulating...

This vulnerability allows authenticated attackers in Ovidentia CMS 6.0 to perform path traversal attacks through the FileManager component, enabling u...

CVE-2022-24983 is an information disclosure vulnerability in JQueryForm.com forms that allows attackers to obtain the URI of uploaded files by capturi...

CVE-2021-35380 is a directory traversal vulnerability in Solari di Udine TermTalk Server that allows unauthenticated attackers to read arbitrary files...

CVE-2021-43734 is a directory traversal vulnerability in kkFileView v4.0.0 that allows attackers to read arbitrary files on the server. This affects o...

This vulnerability allows remote attackers without authentication to download arbitrary files from the server filesystem by exploiting a directory tra...

This CVE describes a directory traversal vulnerability in iCMS content management system that allows attackers to read arbitrary files on the server. ...

This vulnerability in convert-svg-core, convert-svg-to-png, and convert-svg-to-jpeg packages allows attackers to read arbitrary files from the server'...

A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux allows authenticated attackers to r...

CVE-2021-46104 is a directory traversal vulnerability in webp_server_go that allows attackers to read arbitrary files on the server by manipulating UR...

CVE-2022-21371 is a local file inclusion vulnerability in Oracle WebLogic Server's web container that allows unauthenticated attackers with network ac...

This CVE describes a directory traversal vulnerability in SphinxSearch that allows attackers to read arbitrary files on the server. When combined with...

This vulnerability allows attackers to read arbitrary files on NavigateCMS servers by manipulating the 'id' parameter in the navigate_download.php scr...

This vulnerability in the rust-embed crate allows directory traversal attacks in debug mode, potentially enabling attackers to read arbitrary files ou...

This vulnerability in the True Ranker WordPress plugin allows attackers to read arbitrary files on the server, including sensitive configuration files...

This directory traversal vulnerability in PHPGURUKUL Employee Record Management System 1.2 allows attackers to access sensitive files outside the inte...

This vulnerability allows unauthenticated attackers to perform path traversal attacks on FortiOS and FortiProxy login pages, potentially exposing sens...

CVE-2021-43798 is a directory traversal vulnerability in Grafana that allows attackers to read arbitrary files on the server by exploiting a flaw in t...

This directory traversal vulnerability in Wiki.js allows attackers to read arbitrary files on Windows systems when specific storage modules are enable...

CVE-2021-43795 is a path traversal vulnerability in Armeria microservice framework that allows attackers to bypass directory restrictions using URL-en...

This vulnerability allows unauthenticated attackers to trick Synapse Matrix homeservers into downloading files from remote servers to arbitrary direct...

This vulnerability allows remote attackers to read arbitrary files on Wipro Holmes Orchestrator servers via path traversal in the File Download API. A...

CVE-2021-40745 is a path traversal vulnerability in Adobe Campaign that allows unauthenticated attackers to read arbitrary files on the server by expl...

CVE-2021-3924 is a path traversal vulnerability in Grav CMS that allows attackers to read arbitrary files outside the intended directory. This affects...

The Jenkins Subversion Plugin vulnerability allows attackers with agent access to read arbitrary files on the Jenkins controller file system. This aff...

CVE-2021-33800 is a directory traversal vulnerability in Druid 1.2.3 that allows attackers to access files outside the intended directory by manipulat...

This directory traversal vulnerability in phpok 5.1 allows attackers to access sensitive files outside the intended directory via the title parameter ...

This path traversal vulnerability in Huawei FusionCube allows attackers to access files outside restricted directories by manipulating filenames. It a...

Sky File v2.1.0 contains a directory traversal vulnerability in its FTP server that allows attackers to bypass directory restrictions using 'null' pat...

This path traversal vulnerability in python-tuf allows attackers to overwrite .json files anywhere on the client system by using path traversal charac...

CVE-2021-33726 is a path traversal vulnerability in Siemens SINEC NMS that allows authenticated attackers to download arbitrary files from the server ...

CVE-2021-41291 is a path traversal vulnerability in ECOA BAS controllers that allows unauthenticated attackers to remotely disclose directory contents...

CVE-2021-41381 is a directory traversal vulnerability in Payara Micro Community that allows attackers to read arbitrary files on the server filesystem...

This vulnerability in CMS Made Simple allows unauthenticated attackers to perform path traversal attacks, potentially reading arbitrary files on the s...

CVE-2021-33692 is a path traversal vulnerability in SAP Cloud Connector that allows attackers to upload malicious zip backup files containing director...

Eyoucms 1.5.4 contains a directory traversal vulnerability that allows attackers to write files outside intended directories by injecting '../' sequen...

CVE-2021-23430 is a directory traversal vulnerability in the startserver npm package that allows attackers to read arbitrary files outside the intende...

CVE-2021-38758 is a directory traversal vulnerability in Online Catering Reservation System 1.0 that allows attackers to read arbitrary files on the s...

This vulnerability allows remote attackers to write arbitrary files to the SAP BusinessObjects Edge 4.0 File Repository Server via a full pathname in ...

This vulnerability allows remote attackers to write arbitrary files to the Windows temporary directory by submitting crafted paths when a Ruby web app...

This vulnerability in elFinder.AspNet allows path traversal attacks due to improper sanitization of user-controlled file names. Attackers can potentia...

This vulnerability in Minecraft Java Edition allows attackers to delete arbitrary JSON files via path traversal when the server is configured with onl...

CVE-2021-34820 is a directory traversal vulnerability in the Novus HTTP Server that allows unauthenticated attackers to access arbitrary files on the ...

This CVE describes a path traversal vulnerability in Micronaut framework versions prior to 2.5.9. Attackers can access arbitrary files on the filesyst...