CWE-22: Path Traversal

CVE-2020-8209 is an improper access control vulnerability in Citrix XenMobile Server that allows attackers to read arbitrary files on the system. This...

This vulnerability allows local attackers to escalate privileges on Windows systems running vulnerable versions of SteelCentral Aternity Agent. By exp...

CVE-2020-7687 is a path traversal vulnerability in the fast-http npm package that allows attackers to read arbitrary files on the server by manipulati...

CVE-2020-7681 is a path traversal vulnerability in the marscode npm package that allows attackers to read arbitrary files on the server. This affects ...

CVE-2020-7683 is a path traversal vulnerability in rollup-plugin-server that allows attackers to read arbitrary files from the server's filesystem. Th...

A path traversal vulnerability in Survey versions below 3 allows attackers to read arbitrary files on the server by manipulating file paths. This affe...

CVE-2020-7684 is a path traversal vulnerability in rollup-plugin-serve that allows attackers to read arbitrary files on the server due to lack of path...

This path traversal vulnerability in socket.io-file allows attackers to write files outside the intended upload directory by using directory traversal...

This vulnerability allows path traversal attacks during CPIO archive extraction in the go-rpmutils library. Attackers can craft malicious archives to ...

This vulnerability allows attackers to perform path traversal attacks when extracting malicious zip archives using the github.com/unknwon/cae/zip pack...

This directory traversal vulnerability in Artica Proxy allows attackers to read arbitrary files on the server by manipulating the popup parameter in f...

CVE-2020-8604 is a path traversal vulnerability (CWE-22) in Trend Micro InterScan Web Security Virtual Appliance 6.5 that allows remote attackers to a...

CVE-2020-12116 is an unauthenticated arbitrary file read vulnerability in Zoho ManageEngine OpManager. Attackers can read sensitive files on the serve...

CVE-2020-8983 is an arbitrary file write vulnerability in Citrix ShareFile StorageZones Controller that allows remote code execution. It affects all v...

CVE-2020-7473 is an unauthenticated directory traversal vulnerability in Citrix ShareFile StorageZones Controller that allows attackers to access user...

CVE-2020-12649 is a directory traversal vulnerability in Gurbalib's help command that allows attackers to read sensitive files outside the intended di...

This CVE describes a Local File Inclusion vulnerability in Onkyo TX-NR585 network audio/video receivers that allows remote unauthenticated attackers o...

This vulnerability allows a malicious Android app to craft an Intent that Firefox for Android processes, potentially overwriting files in the user's p...

CVE-2020-12112 is a local file inclusion vulnerability in BigBlueButton that allows remote attackers to read sensitive files on the server. This affec...

CVE-2020-3177 is a directory traversal vulnerability in Cisco Unified Communications Manager's TAPS interface that allows unauthenticated remote attac...

This vulnerability allows attackers to perform directory traversal attacks on WordPress sites using vulnerable versions of the Snap Creek Duplicator p...

LogicalDoc before version 8.3.3 contains a directory traversal vulnerability in the /servlet.gupld endpoint. This allows attackers to read arbitrary f...

CVE-2020-11596 is a directory traversal vulnerability in CIPPlanner CIPAce 9.1 that allows unauthenticated attackers to enumerate files and directorie...

This vulnerability in GitLab EE allows attackers to perform path traversal attacks through the NPM feature, potentially accessing files outside the in...

This vulnerability allows unauthenticated remote attackers to perform path traversal attacks on SiNVR/SiVMS Video Server's streaming service, enabling...

This CVE describes a directory traversal vulnerability in the embedded web server of certain older Lexmark printers. Attackers can exploit this to acc...

CVE-2020-7966 is a directory traversal vulnerability in GitLab Enterprise Edition that allows attackers to read arbitrary files on the server. This af...

CVE-2020-8545 is a path traversal vulnerability in the Global.py component of the AIL framework version 2.8. This allows attackers to read arbitrary f...

Zed code editor versions before 0.224.4 contain a Zip Slip vulnerability in the extension archive extraction functionality. This allows malicious exte...

Greenplum Database versions before 6.22.3 have a path traversal vulnerability in tar file extraction within GPPKGs. This allows attackers to write arb...

This vulnerability in fabric8 kubernetes-client allows malicious pods/containers to exploit the copy command to extract files outside the intended wor...

This path traversal vulnerability in the Anona WordPress theme allows attackers to download arbitrary files from the server by manipulating file paths...

This vulnerability allows remote attackers to bypass authentication and perform path traversal attacks on Tenda CH22 routers. Attackers can access res...

This vulnerability allows remote attackers to perform path traversal attacks via the /eshell API endpoint in Shiguangwu sgwbox N3 version 2.0.25. Atta...

A path traversal vulnerability in Eaton Galileo software's file upload functionality allows attackers with local access to execute unauthorized code o...

A path traversal vulnerability in lsfusion platform allows remote attackers to manipulate file paths via the 'sid' parameter in UploadFileRequestHandl...

This path traversal vulnerability in geyang ml-logger allows attackers to access arbitrary files on the server by manipulating file paths in the log_h...

Delta Electronics DIALink has a directory traversal authentication bypass vulnerability that allows attackers to access restricted files and bypass au...

This critical vulnerability in 猫宁i Morning allows remote attackers to perform path traversal attacks via the Shiro configuration component. Attack...

This critical vulnerability in xiaoyunjie openvpn-cms-flask allows remote attackers to perform path traversal attacks via the image upload function. A...

This critical vulnerability in eosphoros-ai DB-GPT allows remote attackers to perform path traversal attacks via the import_flow function's File param...

CVE-2024-13181 is a path traversal vulnerability in Ivanti Avalanche that allows remote unauthenticated attackers to bypass authentication mechanisms....

This vulnerability allows unauthenticated remote attackers to execute arbitrary code on Arista NG Firewall systems via directory traversal in the cust...

CVE-2024-47010 is a path traversal vulnerability in Ivanti Avalanche that allows remote unauthenticated attackers to bypass authentication mechanisms....

A path traversal vulnerability in Samsung Notes allows local attackers to execute arbitrary code by manipulating file paths. This affects Samsung Note...

This critical vulnerability in ZZCMS 2023 allows remote attackers to perform path traversal attacks via the skin[] parameter in /admin/class.php?dowha...

This CVE describes a path traversal vulnerability (CWE-22) in Schneider Electric software that allows authenticated users to execute malicious code by...

This CVE describes a vulnerability in Git that allows attackers to bypass security protections when cloning repositories from untrusted sources. Speci...

This vulnerability in Zscaler Client Connector (ZSATray) allows path traversal attacks by improperly validating the 'previousInstallerName' parameter....

This path traversal vulnerability in Intel oneAPI Toolkits allows authenticated users with local access to potentially escalate privileges by manipula...