CWE-22: Path Traversal
The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences that can resolve to a location outside of that directory.
All Path Traversal CVEs (2,216)
This CVE describes a path traversal vulnerability in feiyuchuixue sz-boot-parent up to version 1.3.2-beta. Attackers can manipulate the templateName p...
Feb 25, 2026

This CVE describes a path traversal vulnerability in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). Attackers can remotely exploit th...
Feb 18, 2026

This path traversal vulnerability in rachelos WeRSS we-mp-rss allows remote attackers to read arbitrary files on the server by manipulating the filena...
Feb 9, 2026

JeecgBoot versions up to 3.9.0 contain a path traversal vulnerability in the Retrieval-Augmented Generation Module's /airag/knowledge/doc/edit endpoin...
Feb 7, 2026

Articentgroup Zip Rar Extractor Tool 1.345.93.0 contains a directory traversal vulnerability in its ZIP file processing component. Attackers can explo...
Feb 3, 2026

This CVE describes a path traversal vulnerability in jishenghua jshERP's PluginController component. Attackers can exploit the /jshERP-boot/plugin/upl...
Jan 28, 2026

This CVE describes a path traversal vulnerability in the yeqifu warehouse software that allows attackers to read arbitrary files on the server by mani...
Jan 2, 2026

This CVE describes a path traversal vulnerability in the FTP daemon service of Edimax BR-6208AC routers. Attackers can exploit this remotely to access...
Dec 19, 2025

Advantech WebAccess/SCADA is vulnerable to directory traversal (CWE-22), allowing attackers to check if arbitrary files exist on the system. This affe...
Dec 18, 2025

This CVE describes a path traversal vulnerability in baowzh hfly's admin interface that allows attackers to read arbitrary files on the server. The vu...
Dec 11, 2025

The Jenkins Redpen - Pipeline Reporter for Jira Plugin vulnerability allows attackers with Item/Configure permission to bypass path validation and ret...
Dec 10, 2025

An unauthenticated directory traversal vulnerability in SNMP Web Pro 1.1 allows remote attackers to read arbitrary files on the server. The vulnerabil...
Dec 9, 2025

A path traversal vulnerability in Yottamaster DM2, DM3, and DM200 NAS devices allows attackers to upload files to arbitrary locations via the file upl...
Dec 8, 2025

This vulnerability in ORICO CD3510 version 1.9.12 allows remote attackers to perform path traversal attacks via the file upload component. This could ...
Dec 8, 2025

This vulnerability allows remote authenticated users to read file metadata and path information through a FileStation CGI component. It affects Synolo...
Dec 4, 2025

This vulnerability allows authenticated users to read .srt subtitle files on Synology Video Station systems. It affects Synology Video Station install...
Dec 4, 2025

This CVE describes a path traversal vulnerability in jeecgboot jeewx-boot that allows attackers to manipulate the imgurl parameter to access arbitrary...
Nov 3, 2025

This CVE describes a path traversal vulnerability in Shenzhen Ruiming Technology's Streamax Crocus system version 1.3.40. Attackers can manipulate the...
Oct 17, 2025

This CVE describes a path traversal vulnerability in Shenzhen Ruiming Technology's Streamax Crocus system version 1.3.40. Attackers can remotely explo...
Oct 17, 2025

This CVE describes a path traversal vulnerability in Dibo Data Decision Making System's downloadImpTemplet function. Attackers can manipulate the file...
Sep 26, 2025

A path traversal vulnerability in kodbox up to version 1.61.09 allows attackers to access files outside the intended directory by manipulating the 'pa...
Sep 26, 2025

This CVE describes a path traversal vulnerability in SeriaWei ZKEACMS up to version 4.3. Attackers can manipulate the ID parameter in the Download fun...
Sep 21, 2025

This vulnerability allows attackers to perform path traversal attacks through the LaTeX file handler in gpt_academic. By manipulating the \input{} arg...
Sep 11, 2025

A path traversal vulnerability in Display Painéis TGA allows attackers to access files outside the intended directory by manipulating the 'current_fo...
Sep 11, 2025

This vulnerability allows authenticated attackers with 'WebCfg - Services: suricata package' permissions to perform directory traversal attacks in pfS...
Sep 9, 2025

This vulnerability allows authenticated attackers with Snort package permissions to perform directory traversal attacks in pfSense CE's Snort IP reput...
Sep 9, 2025

This vulnerability allows authenticated users with file upload permissions to overwrite file attachment thumbnails via path traversal in Mattermost's ...
Aug 21, 2025

Powered BLUE Server versions 0.20130927 and prior contain a path traversal vulnerability that allows attackers to read arbitrary files on the server. ...
Aug 8, 2025

This critical vulnerability in YiJiuSmile kkFileViewOfficeEdit allows remote attackers to perform path traversal attacks via the 'url' parameter in th...
Jul 14, 2025

This path traversal vulnerability in Langchain-Chatchat allows attackers to access files outside the intended directory via the /v1/files endpoint. It...
Jun 29, 2025

This path traversal vulnerability in Whistle 2.9.98 allows attackers to access arbitrary files on the server by manipulating the filename parameter in...
Jun 9, 2025

This CVE describes a path traversal vulnerability in SoluçõesCoop iSoluçõesWEB's profile update component. Attackers can manipulate the 'nomeArqui...
Jun 6, 2025

This CVE describes a path traversal vulnerability in the aaluoxiang oa_system that allows attackers to read arbitrary files on the server. The vulnera...
Jun 3, 2025

A path traversal vulnerability in H3C SecCenter SMP-E1114P02 allows attackers to access arbitrary files on the system by manipulating the 'Name' param...
May 26, 2025

This CVE describes a path traversal vulnerability in H3C SecCenter SMP-E1114P02 that allows attackers to access arbitrary files on the system by manip...
May 25, 2025

This CVE describes a path traversal vulnerability in the feng_ha_ha/megagao ssm-erp and production_ssm software versions 1.0. Attackers can exploit th...
May 11, 2025

This vulnerability in 74CMS allows attackers to perform path traversal attacks by manipulating the 'url' parameter in the download function. Attackers...
May 6, 2025

This vulnerability in Wangshen SecGate 3600 2400 allows attackers to perform path traversal attacks via the file_name parameter in the log_export_file...
Apr 29, 2025

This vulnerability in HCL AppScan Traffic Recorder allows attackers to bypass directory restrictions through filename manipulation, potentially access...
Mar 13, 2025

CVE-2022-25773 is a path traversal vulnerability in Mautic's asset upload functionality that allows authenticated users to upload files to directories...
Feb 26, 2025

This vulnerability in iteachyou Dreamer CMS 4.1.3 allows remote attackers to perform path traversal attacks via the /resource/js/ueditor-1.4.3.3 file....
Feb 21, 2025

This path traversal vulnerability in CmsEasy 7.7.7.9 allows attackers to delete arbitrary files on the server by manipulating the imgname parameter in...
Feb 16, 2025

This vulnerability allows remote attackers to perform path traversal attacks in olajowon Loggrove's Logfile Update Handler. By manipulating the 'path'...
Feb 12, 2025

This path traversal vulnerability in Revolution Pi allows authenticated attackers to list directories on the device by manipulating the 'dir' paramete...
Feb 10, 2025

This vulnerability allows authenticated remote attackers to write arbitrary files to the Sante PACS Server filesystem via directory traversal in DCM f...
Jan 30, 2025

This CVE describes a path traversal vulnerability in JoeyBling bootplus that allows attackers to access files outside the intended directory by manipu...
Jan 24, 2025

This CVE describes a path traversal vulnerability in Shanghai Lingdang Information Technology's Lingdang CRM software. Attackers can manipulate the 'p...
Jan 14, 2025

An authenticated attacker can exploit this vulnerability in AC500 V3 products to read system-wide files and configurations. This affects all AC500 V3 ...
Jan 7, 2025

CVE-2024-12793 is a path traversal vulnerability in PbootCMS that allows attackers to access files outside the intended directory by manipulating...
Dec 19, 2024

This CVE describes a path traversal vulnerability in InvoicePlane's invoices.php file that allows attackers to access arbitrary files on the server by...
Dec 16, 2024

About Path Traversal (CWE-22)
Our database tracks 2,216 CVEs classified as CWE-22, with 531 rated critical and 1,138 rated high severity. The average CVSS score for Path Traversal vulnerabilities is 7.7.
External reference: CWE-22 on MITRE CWE