CWE-22: Path Traversal

This path traversal vulnerability in the AWSM Team WordPress plugin allows attackers to read arbitrary files on the server by manipulating file paths....

This CVE describes a path traversal vulnerability in the Livemesh Addons for Elementor WordPress plugin. It allows attackers to read arbitrary files o...

This path traversal vulnerability in WhatsUp Gold allows unauthenticated attackers to access files outside the intended directory via specially crafte...

This CVE describes a path traversal vulnerability in the WordPress Slideshow SE plugin that allows authenticated users with author-level permissions t...

CVE-2024-36527 is a directory traversal vulnerability in puppeteer-renderer that allows attackers to read sensitive server files by manipulating URL p...

A directory traversal vulnerability in iceice666 ResourcePack Server allows remote attackers to read arbitrary files on the server by manipulating fil...

This vulnerability allows attackers to read arbitrary files on the server through path traversal in the Sina Extension for Elementor WordPress plugin....

This vulnerability allows attackers to read arbitrary files on the server through path traversal in the Better Elementor Addons WordPress plugin. It a...

A path traversal vulnerability in MosP kintai kanri V4.6.6 and earlier allows authenticated remote attackers to access sensitive system files. This af...

This vulnerability in Vaultize allows authenticated users to create temporary files outside intended directories by manipulating filename parameters d...

This path traversal vulnerability in the WordPress SellKit plugin allows attackers to download arbitrary files from the server by manipulating file pa...

CVE-2024-34712 is a path traversal vulnerability in the Oceanic Discord library for NodeJS. Attackers can manipulate input to functions like removeBan...

CVE-2024-24908 is a path traversal vulnerability in Dell PowerProtect DM5500 that allows authenticated high-privilege attackers to delete arbitrary fi...

This vulnerability in A10 Thunder ADC allows authenticated remote attackers to perform directory traversal attacks, potentially disclosing sensitive f...

This vulnerability in LG Simple Editor allows authenticated attackers to bypass authentication and perform directory traversal attacks via the getImag...

This vulnerability in LG Simple Editor allows authenticated attackers to bypass authentication and perform directory traversal attacks via the getImag...

CVE-2023-0241 is a directory traversal vulnerability in pgAdmin 4 that allows authenticated users to access or modify files outside the intended direc...

CVE-2026-28800 is a critical remote code execution vulnerability in Natro Macro (an AutoHotkey-based Bee Swarm Simulator macro) that allows attackers ...

CVE-2025-35053 allows authenticated users in Newforma Info Exchange (NIX) to read and delete arbitrary files with NetworkService privileges via the '/...

A path traversal vulnerability in Nokia Single RAN baseband software allows attackers to access unauthorized files or directories by sending crafted S...

This vulnerability in SIGB PMB allows attackers to perform Local File Inclusion (LFI) and achieve remote code execution. It affects all installations ...

This CVE describes a path traversal vulnerability in DataLinkDC Dinky's GitRepository component. Attackers can manipulate the projectName parameter to...

This is a path traversal vulnerability in bolo-solo blogging software that allows attackers to manipulate file paths during blog import operations. At...

This CVE describes a path traversal vulnerability in bolo-blog's bolo-solo software that allows attackers to manipulate file paths through the importF...

This CVE describes a path traversal vulnerability in bolo-blog's bolo-solo software up to version 2.6.4. Attackers can exploit the unpackFilteredZip f...

This CVE describes a path traversal vulnerability in Sobey Media Convergence System versions 2.0 and 2.1. Attackers can remotely exploit the /sobey-mc...

This vulnerability allows remote attackers to perform path traversal attacks in Yohann0617 oci-helper versions up to 3.2.4. By manipulating file argum...

This vulnerability allows remote attackers to perform path traversal attacks via the project import function in Scada-LTS. By exploiting improper path...

This CVE describes a path traversal vulnerability in the lsfusion platform's unpackFile function that allows remote attackers to write files outside i...

This CVE describes a path traversal vulnerability in the JwtAuthenticationFilter component of shsuishang ShopSuite ModulithShop. Attackers can exploit...

This vulnerability allows remote attackers to perform path traversal attacks via the xml_file parameter in OpenClinica's CRF Data Import component. At...

This CVE describes a path traversal vulnerability in givanz Vvveb CMS up to version 1.0.7.3. Attackers can manipulate file paths through the Code Edit...

CVE-2025-11842 is a path traversal vulnerability in Shazwazza Smidge's Bundle Handler component that allows attackers to access files outside the inte...

This CVE describes a path traversal vulnerability in RainyGao DocSys up to version 2.02.36. Attackers can remotely exploit the file upload function to...

A path traversal vulnerability in MoneyPrinterTurbo's API endpoint allows attackers to write arbitrary files to the server filesystem by manipulating ...

This is a path traversal vulnerability in Bjskzy Zhiyou ERP that allows attackers to manipulate file paths in the uploadStudioFile function. Remote ex...

This CVE describes a path traversal vulnerability in JSC R7 R7-Office Document Server's /downloadas/ endpoint. Attackers can manipulate the 'cmd' para...

MoneyPrinterTurbo 1.2.6 contains a path traversal vulnerability that allows attackers to read arbitrary files on the server via specially crafted down...

This path traversal vulnerability in kalcaddle kodbox 1.61 allows remote attackers to read or write arbitrary files by manipulating the 'path' paramet...

This is a critical path traversal vulnerability in MigoXLab LMeterX 1.2.0 that allows attackers to access arbitrary files on the server by manipulatin...

This critical path traversal vulnerability in gooaclok819 sublinkX allows attackers to access arbitrary files on the server by manipulating the filena...

A critical path traversal vulnerability in diyhi bbs 6.8 allows remote attackers to manipulate directory paths via the dirName parameter in the API co...

This critical vulnerability in Spring-Boot-In-Action allows attackers to perform path traversal attacks via the filename parameter in the watermarkTes...

This critical vulnerability in quequnlong shiyi-blog allows remote attackers to perform path traversal attacks via the /api/file/upload endpoint. By m...

This critical path traversal vulnerability in jammy928 CoinExchange_CryptoExchange_Java allows attackers to write arbitrary files to server directorie...

This critical vulnerability in merikbest ecommerce-spring-reactjs allows attackers to perform path traversal attacks via the filename parameter in the...

This vulnerability allows a sandboxed process to bypass sandbox restrictions through a path handling issue. It affects Apple iOS, iPadOS, and macOS us...

This critical vulnerability in lenve VBlog allows remote attackers to perform path traversal attacks via the uploadImg function's filename parameter. ...

CVE-2024-57248 is a directory traversal vulnerability in Gleamtech FileVista 9.2.0.0 that allows attackers to bypass access controls and upload malici...

A critical path traversal vulnerability in SourceCodester Simple Forum-Discussion System 1.0 allows remote attackers to access arbitrary files on the ...