CWE-22: Path Traversal

This critical vulnerability in Advantech iView allows attackers to bypass path restrictions and access arbitrary files on the system. It affects all v...

CVE-2025-10283 is a path traversal vulnerability in BBOT's gitdumper module that allows remote code execution when processing malicious git repositori...

CVE-2024-38824 is a critical directory traversal vulnerability in SaltStack's recv_file method that allows attackers to write arbitrary files to the m...

CVE-2025-24891 is a critical path traversal vulnerability in Dumb Drop file upload application that allows authenticated users to overwrite arbitrary ...

This path traversal vulnerability in the SSV Events WordPress plugin allows attackers to include arbitrary local PHP files, potentially leading to rem...

This vulnerability allows attackers to perform path traversal attacks in Vmaxstudio Vmax Project Manager WordPress plugin, leading to local file inclu...

CVE-2024-23475 is a critical directory traversal vulnerability in SolarWinds Access Rights Manager that allows unauthenticated attackers to delete arb...

This vulnerability allows unauthenticated attackers to traverse directories and execute arbitrary code with SYSTEM privileges on SolarWinds Access Rig...

This CVE describes a path traversal vulnerability (CWE-22) in QNAP Media Streaming add-on that allows attackers to access sensitive files on the syste...

SolarWinds Access Rights Manager (ARM) contains a directory traversal vulnerability that allows unauthenticated attackers to execute arbitrary code re...

SolarWinds Access Rights Manager (ARM) contains a directory traversal vulnerability that allows unauthenticated attackers to execute arbitrary code re...

This vulnerability in the AI ChatBot for WordPress plugin allows attackers with subscriber-level access to perform directory traversal and append PHP ...

This vulnerability allows authenticated non-administrative users to exploit a directory traversal flaw in SAPRSBRO program to overwrite critical syste...

This CVE allows attackers with non-administrative SAP authorizations to exploit a directory traversal vulnerability in SAP NetWeaver ABAP services. At...

This vulnerability in Marvell QConvergeConsole allows unauthenticated remote attackers to delete arbitrary files and read sensitive information by exp...

This vulnerability in Python's tarfile module allows attackers to write arbitrary files outside the intended extraction directory when extracting untr...

This is a path traversal vulnerability in Ivanti CSA (Cloud Services Appliance) that allows remote unauthenticated attackers to bypass security restri...

A directory traversal vulnerability in Kalkitech ASE ASE61850 IEDSmart allows attackers to read or write arbitrary files via the IEC61850 File Transfe...

CVE-2024-0964 is a critical local file inclusion vulnerability in Gradio that allows remote attackers to read arbitrary files on the server by exploit...

Mammoth document conversion library versions before 1.11.0 are vulnerable to directory traversal attacks when processing DOCX files containing images ...

This vulnerability in the WordPress Automatic plugin allows unauthenticated attackers to perform path traversal attacks, potentially downloading arbit...

CVE-2023-50255 is a path traversal vulnerability in Deepin-Compressor, the default archive manager for Deepin Linux OS. When users open specially craf...

A path traversal vulnerability in Zoom Desktop Client for Windows allows unauthenticated attackers to escalate privileges via network access. This aff...

This vulnerability allows attackers to read arbitrary files on the server through absolute path traversal in the heidi-luong1109/shackerpanel reposito...

This vulnerability allows attackers to read arbitrary files on the server through absolute path traversal in the ralphjzhang/iasset repository. It aff...

This vulnerability allows attackers to read arbitrary files on the server through absolute path traversal in the OpenMF application. It affects any de...

This vulnerability allows attackers to read arbitrary files on the server through absolute path traversal in the AutomatedQuizEval repository. It affe...

This vulnerability allows attackers to perform absolute path traversal attacks in the umeshpatil-dev/Home__internet repository, enabling unauthorized ...

This vulnerability allows attackers to perform absolute path traversal attacks by exploiting unsafe usage of Flask's send_file function in the yuriyou...

This vulnerability allows attackers to perform absolute path traversal attacks in the pleomax00/flask-mongo-skel repository, enabling unauthorized fil...

This vulnerability allows attackers to read arbitrary files on the server through absolute path traversal in the rainsoupah/sleep-learner GitHub repos...

This vulnerability allows attackers to read arbitrary files on the server through absolute path traversal in the romain20100/nursequest repository. It...

This vulnerability allows attackers to perform absolute path traversal attacks in the seveas/golem repository, enabling unauthorized file access. It a...

This vulnerability allows attackers to perform absolute path traversal attacks in the tsileo/flask-yeoman repository, enabling unauthorized file acces...

This vulnerability allows attackers to perform absolute path traversal attacks in the varijkapil13/Sphere_ImageBackend repository, enabling unauthoriz...

This vulnerability allows attackers to perform absolute path traversal attacks in the whmacmac/vprj GitHub repository, enabling unauthorized file acce...

This vulnerability allows attackers to read arbitrary files on the server through absolute path traversal in the yogson/syrabond repository. It affect...

This vulnerability allows attackers to read arbitrary files on the server through path traversal in the DSABenchmark/DSAB repository. It affects users...

This vulnerability allows attackers to perform absolute path traversal attacks in the ceee-vip/cockybook repository, enabling unauthorized file access...

This vulnerability allows attackers to perform absolute path traversal attacks in the deepaliupadhyay/RealEstate repository due to unsafe use of Flask...

This vulnerability allows attackers to read arbitrary files on the server by exploiting path traversal in the Fishtank repository's Flask application....

This vulnerability allows attackers to read arbitrary files on the server by exploiting path traversal in the Flask send_file function. It affects any...

This vulnerability allows attackers to perform absolute path traversal attacks in the kotekan/kotekan repository, enabling unauthorized file access. I...

This vulnerability allows attackers to read arbitrary files on the server through absolute path traversal in the Barry Voice Assistant Flask applicati...

This vulnerability allows attackers to read arbitrary files on the server through absolute path traversal in the SetupBox repository. It affects any s...

This vulnerability allows attackers to read arbitrary files on the server through absolute path traversal in the ml-inory/ModelConverter repository. I...

This vulnerability allows attackers to read arbitrary files on the server through absolute path traversal in the noamezekiel/sphere repository. It aff...

This vulnerability allows attackers to read arbitrary files on the server through absolute path traversal in the olmax99/helm-flask-celery repository....

This vulnerability allows attackers to read arbitrary files on the server through absolute path traversal in the SummaLabs/DLS repository. It affects ...

This vulnerability allows attackers to perform absolute path traversal attacks in the Wildog/flask-file-server repository, enabling unauthorized file ...