Skip to main content

Path Traversal

web HIGH

Path traversal exploits occur when applications use user-controlled input to construct file system paths without proper validation.

How It Works

Path traversal exploits occur when applications use user-controlled input to construct file system paths without proper validation. Attackers inject special sequences like ../ (dot-dot-slash) to escape the intended directory and navigate to arbitrary locations in the file system. Each ../ sequence moves up one directory level, allowing an attacker to break out of a restricted folder and access sensitive files elsewhere on the server.

Attackers employ various encoding techniques to bypass basic filters. Simple URL encoding transforms ../ into %2e%2e%2f, while double encoding becomes %252e%252e%252f (encoding the percent sign itself). Other evasion methods include nested sequences like ....// (which become ../ after filter removal), null byte injection (%00 to truncate path validation), and OS-specific path separators (backslashes on Windows). Absolute paths like /etc/passwd may also work if the application doesn't enforce relative path constraints.

The typical attack flow begins with identifying input parameters that reference files—such as file=, path=, template=, or page=. The attacker then tests various traversal payloads to determine if path validation exists and what depth is needed to reach system files. Success means reading configuration files, credentials, source code, or even writing malicious files if the application allows file uploads or modifications.

Impact

  • Credential exposure: Access to configuration files containing database passwords, API keys, and authentication tokens
  • Source code disclosure: Reading application code reveals business logic, additional vulnerabilities, and hardcoded secrets
  • System file access: Retrieving /etc/passwd, /etc/shadow, or Windows SAM files for credential cracking
  • Configuration tampering: If write access exists, attackers modify settings or inject malicious code
  • Remote code execution: Writing web shells or executable files to web-accessible directories enables full system compromise

Real-World Examples

ZendTo file sharing application (CVE-2025-34508) contained a path traversal vulnerability allowing unauthenticated attackers to read arbitrary files from the server. The flaw existed in file retrieval functionality where user input directly influenced file path construction without adequate validation, exposing sensitive configuration data and potentially system files.

Web application frameworks frequently suffer from path traversal in template rendering engines. When applications allow users to specify template names or include files, insufficient validation permits attackers to read source code from other application modules or framework configuration files, revealing database credentials and session secrets.

File download features in content management systems represent another common vector. Applications that serve user-requested files from disk often fail to restrict paths properly, enabling attackers to download backup files, logs containing sensitive data, or administrative scripts that weren't intended for public access.

Mitigation

  • Avoid user input in file paths: Use indirect references like database IDs mapped to filenames on the server side
  • Canonicalize and validate: Convert paths to absolute canonical form, then verify they remain within the allowed base directory
  • Allowlist permitted files: Maintain an explicit list of accessible files rather than trying to blocklist malicious patterns
  • Chroot jails or sandboxing: Restrict application file system access to specific directories at the OS level
  • Strip dangerous sequences: Remove ../, ..\\, and encoded variants, though this alone is insufficient

Recent CVEs (7729)

EPSS 0% CVSS 7.1
HIGH This Week

SoftSea EPUB File Reader 1.0.0.0 is vulnerable to Directory Traversal. The vulnerability resides in the EPUB file processing component, specifically in the functionality responsible for extracting and handling EPUB archive contents.

Path Traversal Epub File Reader
NVD
EPSS 0% CVSS 2.1
LOW POC Monitor

A security vulnerability has been detected in moxi159753 Mogu Blog v2 up to 5.2. The impacted element is the function FileOperation.unzip of the file /networkDisk/unzipFile of the component ZIP File Handler. Such manipulation of the argument fileUrl leads to path traversal. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Path Traversal
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM POC This Month

A vulnerability was found in jsnjfz WebStack-Guns 1.0. This affects the function renderPicture of the file src/main/java/com/jsnjfz/manage/modular/system/controller/KaptchaController.java. Performing a manipulation results in path traversal. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Java Path Traversal Webstack Guns
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability was identified in Scada-LTS up to 2.7.8.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Java
NVD GitHub VulDB
EPSS 0% CVSS 8.0
HIGH PATCH This Week

Keras version 3.11.3 is affected by a path traversal vulnerability in the keras.utils.get_file() function when extracting tar archives. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal RCE Python +1
NVD
EPSS 0% CVSS 7.1
HIGH This Week

WebITR developed by Uniong has an Arbitrary File Read vulnerability, allowing authenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Webitr
NVD
EPSS 0% CVSS 4.1
MEDIUM This Month

app/Model/EventReport.php in MISP before 2.5.27 allows path traversal in view picture for a site-admin. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal PHP
NVD GitHub
EPSS 0% CVSS 7.3
HIGH This Week

Improper input sanitization in the file archives upload functionality of Eaton Galileo software allows traversing paths which could lead into an attacker with local access to execute unauthorized. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal
NVD
EPSS 0% CVSS 9.3
CRITICAL POC Act Now

Arbitrary File Overwrite via Tar Extraction Path Traversal in DB Electronica Telecomunicazioni S.p.A. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Path Traversal PHP +22
NVD
EPSS 1% CVSS 7.7
HIGH POC This Week

Unauthenticated Path Traversal with Arbitrary File Deletion in DB Electronica Telecomunicazioni S.p.A. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Mozart Next 100 Firmware Mozart Next 1000 Firmware +20
NVD
EPSS 0% CVSS 8.7
HIGH This Week

Console is a network used to control Gorilla Tag mods' users and other users on the network. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal
NVD GitHub
EPSS 0% CVSS 8.7
HIGH This Week

UnForm Server versions < 10.1.15 contain an unauthenticated arbitrary file read and SMB coercion vulnerability in the Doc Flow feature’s 'arc' endpoint. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Microsoft +1
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

A path traversal vulnerability has been identified in certain router models. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal
NVD
EPSS 0% CVSS 9.2
CRITICAL Act Now

An authentication-bypass vulnerability exists in AiCloud. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal
NVD
EPSS 0% CVSS 8.2
HIGH This Week

A path traversal vulnerability has been identified in WebDAV, which may allow unauthenticated remote attackers to impact the integrity of the device. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal
NVD
EPSS 0% CVSS 9.9
CRITICAL Act Now

A Directory Traversal vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to write arbitrary files under certain. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Pingalert Application Server
NVD
EPSS 0% CVSS 8.1
HIGH This Week

An issue in the size query parameter (/views/file.py) of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execute a path traversal via a crafted request. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Openatlas
NVD
EPSS 0% CVSS 9.1
CRITICAL This Week

Fluent Bit in_http, in_splunk, and in_elasticsearch input plugins fail to sanitize tag_key inputs. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Elastic Fluent Bit
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Fluent Bit out_file plugin does not properly sanitize tag values when deriving output file names. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Fluent Bit
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A parsing issue in the handling of directory paths was addressed with improved path validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Apple
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

The Tainacan plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.0 via uploaded files marked as private being exposed in wp-content without adequate. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Path Traversal Information Disclosure +1
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM This Month

The Import WP - Export and Import CSV and XML files to WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.14.17 via the. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Path Traversal Information Disclosure +1
NVD
EPSS 1% CVSS 9.3
CRITICAL This Week

BASIS BBj versions prior to 25.00 contain a Jetty-served web endpoint that fails to properly validate or canonicalize input path segments. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

A Path Traversal vulnerability has been identified in the Email Security appliance allows an attacker to manipulate file system paths by injecting crafted directory-traversal sequences (such as ../). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Email Security Appliance 5000 Firmware Email Security Appliance 5050 Firmware +3
NVD
EPSS 0% CVSS 2.9
LOW POC Monitor

A security vulnerability has been detected in Dreampie Resty up to 1.3.1.SNAPSHOT. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Path Traversal Java
NVD GitHub VulDB
EPSS 0% CVSS 7.8
HIGH POC PATCH This Month

7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Path Traversal RCE 7 Zip +1
NVD Exploit-DB VulDB
EPSS 1% CVSS 7.5
HIGH This Month

Milos Paripovic OneCommander 3.102.0.0 is vulnerable to Directory Traversal. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Onecommander
NVD
EPSS 0% CVSS 7.5
HIGH POC This Month

A path Traversal vulnerability found in FileCodeBox v2.2 and earlier allows arbitrary file writes when application is configured to use local filesystem storage. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Filecodebox
NVD GitHub
EPSS 0% CVSS 8.2
HIGH POC PATCH This Week

esm.sh is a nobuild content delivery network(CDN) for modern web development. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Node.js Path Traversal Esm Sh +1
NVD GitHub
EPSS 0% CVSS 6.9
MEDIUM POC PATCH This Week

Astro is a web framework. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Astro
NVD GitHub
EPSS 0% CVSS 3.5
LOW POC PATCH Monitor

Astro is a web framework. Rated low severity (CVSS 3.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Node.js Path Traversal Astro
NVD GitHub
EPSS 0% CVSS 5.6
MEDIUM This Month

Tanium addressed an arbitrary file deletion vulnerability in TanOS. Rated medium severity (CVSS 5.6), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Tanos
NVD
EPSS 0% CVSS 7.8
HIGH POC This Month

Local Agent DVR versions thru 6.6.1.0 are vulnerable to directory traversal that allows an unauthenticated local attacker to gain access to sensitive information, cause a server-side forgery request. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal SSRF Agent Dvr
NVD
EPSS 1% CVSS 8.8
HIGH This Month

A low privileged remote attacker can upload a new or overwrite an existing python script by using a path traversal of the target filename in php resulting in a remote code execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal PHP RCE +4
NVD
EPSS 0% CVSS 9.1
CRITICAL PATCH This Week

A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Microsoft Serv U +1
NVD
EPSS 0% CVSS 6.2
MEDIUM POC This Month

PDFPatcher executable does not validate user-supplied file paths, allowing directory traversal attacks allowing attackers to upload arbitrary files to arbitrary locations. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Pdfpatcher
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM This Month

A security vulnerability has been detected in wwwlike vlife up to 2.0.1.java of the component VLifeApi. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Java
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM POC This Month

A weakness has been identified in lsfusion platform up to 6.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Java Lsfusion Platform
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

A vulnerability was determined in lsfusion platform up to 6.1. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Java
NVD GitHub VulDB
EPSS 0% CVSS 7.0
HIGH This Month

TenderDocTransfer developed by Chunghwa Telecom has a Arbitrary File Copy and Paste vulnerability. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal CSRF Tenderdoctransfer
NVD
EPSS 1% CVSS 7.0
HIGH This Month

TenderDocTransfer developed by Chunghwa Telecom has a Arbitrary File Delete vulnerability. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal CSRF Tenderdoctransfer
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

A vulnerability was found in lsfusion platform up to 6.1. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Java Lsfusion Platform
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW Monitor

A vulnerability was identified in shsuishang ShopSuite ModulithShop up to 45a99398cec3b7ad7ff9383694f0b53339f2d35a. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Java
NVD GitHub VulDB
EPSS 0% CVSS 1.9
LOW POC Monitor

A vulnerability was found in code-projects Email Logging Interface 2.0. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal
NVD GitHub VulDB
EPSS 0% CVSS 8.6
HIGH POC This Week

Nero BackItUp in the Nero Productline is vulnerable to a path parsing/UI rendering flaw (CWE-22) that, in combination with Windows ShellExecuteW fallback extension resolution, leads to arbitrary code. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal RCE Microsoft
NVD GitHub VulDB
EPSS 0% CVSS 3.7
LOW Monitor

An issue was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows remote Path Traversal for loading arbitrary external content. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Path Traversal Pingalert Application Server
NVD
EPSS 88% 7.6 CVSS 9.8
CRITICAL POC KEV THREAT Emergency

Fortinet FortiWeb contains a relative path traversal allowing unauthenticated attackers to execute administrative commands through crafted HTTP/HTTPS requests.

Path Traversal Fortinet Fortiweb
NVD GitHub Exploit-DB VulDB
EPSS 0% CVSS 8.7
HIGH This Month

IQ-Support developed by IQ Service International has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal
NVD
EPSS 0% CVSS 8.2
HIGH This Month

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service (nimesis) could allow a remote attacker to traverse directories on the system. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal IBM Vios +1
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

The Data Tables Generator by Supsystic plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the cleanCache() function in all versions up to, and. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Path Traversal PHP +1
NVD
EPSS 0% CVSS 8.7
HIGH POC This Week

Ozeki SMS Gateway versions up to and including 10.3.208 contain a path traversal vulnerability. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal
NVD Exploit-DB
EPSS 0% CVSS 8.7
HIGH POC This Week

DBLTek GoIP-1 firmware versions up to and including GHSFVT-1.1-67-5 contain a local file inclusion vulnerability. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal
NVD Exploit-DB
EPSS 0% CVSS 8.7
HIGH POC This Week

Longjing Technology BEMS API versions up to and including 1.21 contains an unauthenticated arbitrary file download vulnerability in the 'downloads' endpoint. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal
NVD Exploit-DB
EPSS 3% CVSS 8.7
HIGH POC This Week

JVC VN-T IP-camera models firmware versions up to 2016-08-22 (confirmed on the VN-T216VPRU model) contain a directory traversal vulnerability in the checkcgi endpoint that accepts a user-controlled. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal
NVD Exploit-DB
EPSS 0% CVSS 9.4
CRITICAL This Week

N-central < 2025.4 is vulnerable to authentication bypass via path traversal. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Authentication Bypass N Central
NVD
EPSS 0% CVSS 7.3
HIGH This Month

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause elevated system access when a Web Admin user on the local network tampers with the POST /REST/UpdateJRE request payload.

Path Traversal
NVD
EPSS 0% CVSS 7.3
HIGH This Month

Improper Limitation of a Pathname 'Path Traversal') vulnerability in Algosec Firewall Analyzer on Linux, 64 bit allows an authenticated user to upload files to a restricted directory leading to code. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Firewall Analyzer
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Improper limitation of a pathname to a restricted directory ('path traversal') in Visual Studio Code CoPilot Chat Extension allows an authorized attacker to bypass a security feature locally. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Github Copilot Chat
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Improper limitation of a pathname to a restricted directory ('path traversal') in OneDrive for Android allows an authorized attacker to elevate privileges over a network. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Google Onedrive +1
NVD
EPSS 0% CVSS 8.9
HIGH This Month

A local code execution security issue exists within Studio 5000® Simulation Interface™ via the API. Rated high severity (CVSS 8.9), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Path Traversal RCE Information Disclosure +2
NVD
EPSS 0% CVSS 8.9
HIGH This Month

A local server-side request forgery (SSRF) security issue exists within Studio 5000® Simulation Interface™ via the API. Rated high severity (CVSS 8.9), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

SSRF Path Traversal Microsoft +1
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

An ACAP configuration file lacked sufficient input validation, which could allow a path traversal attack leading to potential privilege escalation. Rated medium severity (CVSS 6.4). No vendor patch available.

Path Traversal Privilege Escalation Axis Os
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Due to an Information Disclosure vulnerability in SAP NetWeaver Application Server Java, internal metadata files could be accessed via manipulated URLs. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Path Traversal Information Disclosure +1
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Due to a Path Traversal vulnerability in SAP Business Connector, an attacker authenticated as an administrator with adjacent access could read, write, overwrite, and delete arbitrary files on the. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

SAP Path Traversal Business Connector
NVD
EPSS 2% CVSS 8.7
HIGH POC This Week

PacsOne Server version 6.6.2 (prior versions are likely affected) contains a directory traversal vulnerability within the web-based DICOM viewer component. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP
NVD Exploit-DB
EPSS 0% CVSS 5.3
MEDIUM This Month

IBM Cognos Analytics Certified Containers 12.1.0 could disclose package parameter information due to the presence of hidden pages. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure IBM +1
NVD
EPSS 1% CVSS 7.1
HIGH This Month

A Command Injection vulnerability, resulting from improper file path sanitization (Directory Traversal) in Looker allows an attacker with Developer permission to execute arbitrary shell commands when. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Command Injection
NVD
EPSS 0% CVSS 2.0
LOW POC Monitor

A vulnerability was determined in liweiyi ChestnutCMS up to 1.5.8. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW Monitor

A vulnerability was found in OpenClinica Community Edition up to 3.12.2/3.13. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal
NVD GitHub VulDB
EPSS 2% CVSS 6.5
MEDIUM This Month

The CYAN Backup plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'delete' functionality in all versions up to, and including, 2.5.4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Path Traversal PHP +1
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM This Month

The WPFunnels plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wpfnl_delete_log() function in all versions up to, and including, 3.6.2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Path Traversal PHP +1
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

CVAT is an open source interactive video and image annotation tool for computer vision. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Week

KubeVirt is a virtual machine management add-on for Kubernetes. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal Kubernetes Kubevirt +2
NVD GitHub
EPSS 0% CVSS 7.5
HIGH POC This Month

A Local File Inclusion (LFI) vulnerability has been identified in tQuadra CMS 4.2.1117. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Tquadra Cms
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM This Month

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in GE Vernova Smallworld on Windows, Linux allows File Manipulation.3.5. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Microsoft Windows
NVD
EPSS 1% CVSS 7.5
HIGH POC This Month

AstrBot Project v3.5.22 contains a directory traversal vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Astrbot
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Month

A relative path traversal vulnerability has been reported to affect QuMagie. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Qumagie
NVD
EPSS 0% CVSS 2.3
LOW Monitor

A relative path traversal vulnerability has been reported to affect Download Station. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Download Station
NVD
EPSS 0% CVSS 4.0
MEDIUM Monitor

A path traversal vulnerability has been reported to affect Qsync Central. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Qsync Central
NVD
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

archives is a Go library for extracting archives (tar, zip, etc.). Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal
NVD GitHub
EPSS 0% CVSS 8.8
HIGH PATCH This Month

Dosage is a comic strip downloader and archiver. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal
NVD GitHub
EPSS 0% CVSS 8.7
HIGH This Month

Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to traverse directories and achieve remote code execution with system-level permissions. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal RCE Deviceon Iedge
NVD GitHub
EPSS 0% CVSS 8.7
HIGH This Month

Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to traverse directories and achieve remote code execution with system-level permissions. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal RCE Deviceon Iedge
NVD GitHub
EPSS 0% CVSS 8.7
HIGH This Month

Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to cause a denial-of-service condition, traverse directories, or read/write files, within the context. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Deviceon Iedge
NVD GitHub
EPSS 0% CVSS 6.9
MEDIUM This Month

Advantech WebAccess/VPN versions prior to 1.1.5 contain an absolute path traversal via AjaxStandaloneVpnClientsController.ajaxDownloadRoadWarriorConfigFileAction() that allows an authenticated. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Webaccess Vpn
NVD
EPSS 27% CVSS 8.8
HIGH This Month

Netgate pfSense CE Suricata Path Traversal Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 26.7% and no vendor patch available.

Path Traversal RCE
NVD GitHub
EPSS 0% CVSS 6.7
MEDIUM This Month

Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.181, 15G and 16G versions 6.10.80.00 through 7.20.10.50 and Dell Integrated Dell Remote Access Controller 10, 17G. Rated medium severity (CVSS 6.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Path Traversal Authentication Bypass +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Path traversal in Download Counter WordPress plugin through version 1.4 allows unauthenticated remote attackers to read arbitrary files from the web server. The vulnerability enables confidentiality breach through directory traversal sequences. EPSS score of 0.09% indicates low observed exploitation probability. No active exploitation confirmed via CISA KEV, though Patchstack database listing suggests security researcher awareness and potential for weaponization.

Path Traversal
NVD
EPSS 0% CVSS 7.2
HIGH This Month

Path Traversal: '.../...//' vulnerability in Dmitry V. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Path traversal in Blanka WordPress theme versions before 1.5 enables unauthenticated remote attackers to include arbitrary PHP files from the server filesystem via malformed directory sequences ('.../...//'). Despite high CVSS 8.1, real-world exploitation requires specific server conditions (attack complexity high). EPSS score of 0.07% (20th percentile) indicates low observed exploitation likelihood. No CISA KEV listing or public POC identified at time of analysis, suggesting limited active targeting despite theoretical severity.

WordPress Path Traversal PHP
NVD
Prev Page 21 of 86 Next

Quick Facts

Typical Severity
HIGH
Category
web
Total CVEs
7729

Related CWEs

MITRE ATT&CK

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy