Skip to main content

Path Traversal

web HIGH

Path traversal exploits occur when applications use user-controlled input to construct file system paths without proper validation.

How It Works

Path traversal exploits occur when applications use user-controlled input to construct file system paths without proper validation. Attackers inject special sequences like ../ (dot-dot-slash) to escape the intended directory and navigate to arbitrary locations in the file system. Each ../ sequence moves up one directory level, allowing an attacker to break out of a restricted folder and access sensitive files elsewhere on the server.

Attackers employ various encoding techniques to bypass basic filters. Simple URL encoding transforms ../ into %2e%2e%2f, while double encoding becomes %252e%252e%252f (encoding the percent sign itself). Other evasion methods include nested sequences like ....// (which become ../ after filter removal), null byte injection (%00 to truncate path validation), and OS-specific path separators (backslashes on Windows). Absolute paths like /etc/passwd may also work if the application doesn't enforce relative path constraints.

The typical attack flow begins with identifying input parameters that reference files—such as file=, path=, template=, or page=. The attacker then tests various traversal payloads to determine if path validation exists and what depth is needed to reach system files. Success means reading configuration files, credentials, source code, or even writing malicious files if the application allows file uploads or modifications.

Impact

  • Credential exposure: Access to configuration files containing database passwords, API keys, and authentication tokens
  • Source code disclosure: Reading application code reveals business logic, additional vulnerabilities, and hardcoded secrets
  • System file access: Retrieving /etc/passwd, /etc/shadow, or Windows SAM files for credential cracking
  • Configuration tampering: If write access exists, attackers modify settings or inject malicious code
  • Remote code execution: Writing web shells or executable files to web-accessible directories enables full system compromise

Real-World Examples

ZendTo file sharing application (CVE-2025-34508) contained a path traversal vulnerability allowing unauthenticated attackers to read arbitrary files from the server. The flaw existed in file retrieval functionality where user input directly influenced file path construction without adequate validation, exposing sensitive configuration data and potentially system files.

Web application frameworks frequently suffer from path traversal in template rendering engines. When applications allow users to specify template names or include files, insufficient validation permits attackers to read source code from other application modules or framework configuration files, revealing database credentials and session secrets.

File download features in content management systems represent another common vector. Applications that serve user-requested files from disk often fail to restrict paths properly, enabling attackers to download backup files, logs containing sensitive data, or administrative scripts that weren't intended for public access.

Mitigation

  • Avoid user input in file paths: Use indirect references like database IDs mapped to filenames on the server side
  • Canonicalize and validate: Convert paths to absolute canonical form, then verify they remain within the allowed base directory
  • Allowlist permitted files: Maintain an explicit list of accessible files rather than trying to blocklist malicious patterns
  • Chroot jails or sandboxing: Restrict application file system access to specific directories at the OS level
  • Strip dangerous sequences: Remove ../, ..\\, and encoded variants, though this alone is insufficient

Recent CVEs (7733)

EPSS 1% CVSS 6.0
MEDIUM PATCH This Month

The vulnerability allows an attacker to craft MQTT messages that include relative path traversal sequences, enabling them to read arbitrary files on the system. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, low attack complexity.

Path Traversal Mxview One
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

eNMS up to 4.7.1 is vulnerable to Directory Traversal via download/folder. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Enms
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via scan_folder. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Enms
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via upload_files. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Enms
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

eNMS up to 4.7.1 is vulnerable to Directory Traversal via /download/file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Enms
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

eNMS 4.0.0 is vulnerable to Directory Traversal via get_tree_files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Enms
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via edit_file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Enms
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in SourceCodester Simple Forum-Discussion System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Simple Forum Discussion System
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

Directory Traversal in the web interface of the Tiptel IP 286 with firmware version 2.61.13.10 allows attackers to overwrite arbitrary files on the phone via the Ringtone upload function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Tiptel Ip 286 Firmware Sip T28P Firmware
NVD
EPSS 99% CVSS 9.1
CRITICAL POC KEV EUVD KEV THREAT Act Now

Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Ivanti Endpoint Manager Cloud Services Appliance
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the update_account() function of the file rental/admin_class.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal PHP File Upload +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the signup() function of the file rental/admin_class.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal PHP File Upload +1
NVD GitHub
EPSS 15% CVSS 7.7
HIGH POC PATCH THREAT This Week

Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal Information Disclosure Camaleon Cms
NVD GitHub Exploit-DB
EPSS 0% CVSS 9.2
CRITICAL Act Now

Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows Collect Data from Common Resource Locations.3.24. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Contao is an Open Source CMS. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Contao
NVD GitHub
EPSS 1% CVSS 7.2
HIGH This Week

An authenticated Path Traversal vulnerabilities exists in the ArubaOS. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Path Traversal
NVD
EPSS 1% CVSS 8.2
HIGH PATCH This Week

The czim/file-handling package before 1.5.0 and 2.x before 2.3.0 (used with PHP Composer) does not properly validate URLs within makeFromUrl and makeFromAny, leading to SSRF, and to directory. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Path Traversal PHP +1
NVD GitHub
EPSS 1% CVSS 9.1
CRITICAL Act Now

A flaw was found in openshift/builder. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Privilege Escalation Path Traversal +1
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM This Month

A path handling issue was addressed with improved validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Apple macOS
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

This issue was addressed by removing the vulnerable code. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Path Traversal Apple Ipados +3
NVD VulDB
EPSS 1% CVSS 5.5
MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Path Traversal Ipados +2
NVD
EPSS 12% CVSS 9.3
CRITICAL POC THREAT Act Now

The Windows version of WebIQ 2.15.9 is affected by a directory traversal vulnerability that allows remote attackers to read any file on the system. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Microsoft Webiq
NVD
EPSS 1% CVSS 5.3
MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in xiaohe4966 TpMeCMS up to 1.3.3.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Tpmecms
NVD VulDB
EPSS 1% CVSS 5.3
MEDIUM POC This Month

A vulnerability classified as critical was found in vedees wcms up to 0.3.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Wcms
NVD GitHub VulDB
EPSS 1% CVSS 5.1
MEDIUM POC This Month

A vulnerability was found in composiohq composio up to 0.5.8 and classified as problematic. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Composio
NVD VulDB
EPSS 1% CVSS 5.3
MEDIUM POC This Month

A vulnerability was found in JFinalCMS up to 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Jfinalcms
NVD GitHub VulDB
EPSS 15% CVSS 7.5
HIGH POC PATCH THREAT This Week

Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Tomcat Path Traversal Java
NVD
EPSS 1% CVSS 8.6
HIGH This Week

A path traversal vulnerability exists in the Rockwell Automation affected product. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Path Traversal Rockwell +1
NVD
EPSS 11% CVSS 8.5
HIGH This Week

CVE-2024-45826 IMPACT Due to improper input validation, a path traversal and remote code execution vulnerability exists when the ThinManager® processes a crafted POST request. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Path Traversal Thinmanager
NVD
EPSS 1% CVSS 9.2
CRITICAL Act Now

CVE-2024-45824 IMPACT A remote code vulnerability exists in the affected products. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal XSS +2
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability was found in 云课网络科技有限公司 Yunke Online School System up to 3.0.6. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal PHP
NVD VulDB
EPSS 1% CVSS 5.3
MEDIUM POC This Month

A vulnerability was found in JFinalCMS up to 20240903. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Jfinalcms
NVD GitHub VulDB
EPSS 1% CVSS 5.1
MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in JFinalCMS up to 20240903. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Jfinalcms
NVD GitHub VulDB
EPSS 0% CVSS 9.2
CRITICAL Act Now

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Vidco Software VOC TESTER allows Path Traversal.34.8. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Voc Tester
NVD GitHub VulDB
EPSS 0% CVSS 6.9
MEDIUM This Month

A vulnerability was found in Mercury MNVR816 up to 2.0.1.0.5. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure
NVD VulDB
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Nix is a package manager for Linux and other Unix systems. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Nix
NVD GitHub
EPSS 1% CVSS 6.0
MEDIUM This Month

A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiClientEMS versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.13, 6.4.0 through 6.4.9, 6.2.0 through. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Denial Of Service Fortinet +1
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

phpok v3.0 was discovered to contain an arbitrary file read vulnerability via the component /autoload/file.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Phpok
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC This Week

Arbitrary File Read vulnerability in Xi'an Daxi Information Technology Co., Ltd OfficeWeb365 v.7.18.23.0 and v8.6.1.0 allows a remote attacker to obtain sensitive information via the "Pic/Indexes". Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL Act Now

Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to External Parties vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Dell +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Marinus Pfund, member of the AXIS OS Bug Bounty Program, has found the VAPIX API ledlimit.cgi was vulnerable for path traversal attacks allowing to list folder/file names on the local file system of. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

SeaCMS v13.1 was discovered to an arbitrary file read vulnerability via the component admin_safe.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Seacms
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM This Month

Orca HCM from LEARNING DIGITA does not properly restrict a specific parameter of the file download functionality, allowing a remote attacker with regular privileges to download arbitrary system files. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Orca Hcm
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A path traversal vulnerability allows an attacker with a low-privileged account and local access to the system to perform local privilege escalation (LPE). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Path Traversal Veeam Backup Replication
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

A path traversal vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Qnap +2
NVD
EPSS 0% CVSS 10.0
CRITICAL Act Now

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in DataFlowX Technology DataDiodeX allows Path Traversal.0.0 before v3.1.7. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Datadiodex
NVD VulDB
EPSS 0% CVSS 7.1
HIGH PATCH This Week

stripe-cli is a command-line tool for the payment processor Stripe. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Stripe Cli
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal C Mor Video Surveillance
NVD
EPSS 1% CVSS 7.1
HIGH POC This Week

An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal C Mor Video Surveillance
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

IBM webMethods Integration 10.15 could allow an authenticated user to traverse directories on the system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Path Traversal Webmethods Integration
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability classified as problematic was found in ABCD ABCD2 up to 2.2.0-beta-1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal PHP Abcd
NVD GitHub VulDB
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability classified as problematic has been found in ABCD ABCD2 up to 2.2.0-beta-1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Path Traversal Abcd
NVD GitHub VulDB
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

The The Ultimate WordPress Toolkit - WP Extended plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.0.8 via the download_file_ajax function. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal WordPress Wp Extended
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Path traversal in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Path Traversal Samsung +1
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Path Traversal in My Files prior to SMR Sep-2024 Release 1 allows physical attackers to access directories with My Files' privilege. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Path Traversal Android
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

The WP Job Portal - A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Local File Inclusion, Arbitrary Settings Update, and User Creation in all. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal PHP WordPress +3
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

Directory traversal vulnerability in the cust module Impact: Successful exploitation of this vulnerability will affect availability and confidentiality. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Emui Harmonyos
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Overleaf is a web-based collaborative LaTeX editor. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Overleaf
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM POC This Month

audiobookshelf is a self-hosted audiobook and podcast server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Audiobookshelf
NVD GitHub
EPSS 3% CVSS 7.5
HIGH POC PATCH This Week

actions/artifact is the GitHub ToolKit for developing GitHub Actions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Actions Artifact Actions Toolkit
NVD GitHub Exploit-DB
EPSS 1% CVSS 8.8
HIGH This Week

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Sk. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal PHP Animated Number Counters
NVD
EPSS 1% CVSS 10.0
CRITICAL Act Now

Unauthenticated path traversal in Themeum's Droip WordPress plugin (versions prior to 2.5.2) lets remote attackers read sensitive files outside the intended directory and trigger availability impact with scope change to the underlying WordPress host. CVSS rates this 10.0 (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H), and while no public exploit is identified at time of analysis, the EPSS of 1.13% (78th percentile) signals meaningfully elevated exploitation interest relative to the broader CVE population.

Path Traversal
NVD
EPSS 1% CVSS 5.1
MEDIUM POC This Month

A vulnerability has been found in jpress up to 5.1.1 and classified as critical. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Jpress
NVD GitHub VulDB
EPSS 3% CVSS 7.5
HIGH PATCH This Week

extractFromZipFile in model.go in Ollama before 0.1.47 can extract members of a ZIP archive outside of the parent directory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Ollama
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

An issue in EQ Enterprise Management System before v2.0.0 allows attackers to execute a directory traversal via crafted requests. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Eq Enterprise Management System
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM This Month

In WS_FTP Server versions before 8.8.8 (2022.0.8), an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Web Transfer Module allows File Discovery,. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Ws Ftp Server
NVD
EPSS 26% CVSS 6.5
MEDIUM This Month

The Funnelforms Free plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 3.7.3.2 via the 'af2DeleteFontFile' function. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 25.7% and no vendor patch available.

RCE Path Traversal WordPress +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText NetIQ Access Manager allows access the sensitive information.0.4 and before 5.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Netiq Access Manager
NVD
EPSS 1% CVSS 8.8
HIGH This Week

The MicroSCADA Pro/X SYS600 product allows an authenticated user input to control or influence paths or file names that are used in filesystem operations. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Microscada Pro Sys600 Microscada X Sys600
NVD
EPSS 1% CVSS 8.4
HIGH This Week

A path traversal issue in API endpoint in M-Files Server before version 24.8.13981.0 and LTS 24.2.13421.15 SR2 and LTS 23.8.12892.0 SR6 allows authenticated user to read files. Rated high severity (CVSS 8.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal M Files Server
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

An authenticated user can access the restricted files from NX, EX, FX, AX, IVX and CMS using path traversal. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal
NVD
EPSS 0% CVSS 2.1
LOW Monitor

A vulnerability was identified in Chengdu Everbrite Network Technology BeikeShop up to 1.5.5. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Beikeshop
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW POC Monitor

A vulnerability was found in Chengdu Everbrite Network Technology BeikeShop up to 1.5.5. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Beikeshop
NVD GitHub VulDB
EPSS 6% CVSS 9.8
CRITICAL POC Emergency

An arbitrary file write issue in the exfiltration endpoint in BYOB (Build Your Own Botnet) 2.0 allows attackers to overwrite SQLite databases and bypass authentication via an unauthenticated HTTP. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal
NVD GitHub
EPSS 14% CVSS 7.5
HIGH POC THREAT This Week

A traversal vulnerability in GeneralDocs.aspx in CentralSquare CryWolf (False Alarm Management) through 2024-08-09 allows unauthenticated attackers to read files outside of the working web directory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

Mage AI allows remote users with the "Viewer" role to leak arbitrary files from the Mage server due to a path traversal in the "Pipeline Interaction" request. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Mage Ai
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

Mage AI allows remote users with the "Viewer" role to leak arbitrary files from the Mage server due to a path traversal in the "Git Content" request. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Mage Ai
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

Mage AI allows remote users with the "Viewer" role to leak arbitrary files from the Mage server due to a path traversal in the "File Content" request. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Mage Ai
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

NGINX Agent's "config_dirs" restriction feature allows a highly privileged attacker to gain the ability to write/overwrite files outside of the designated secure directory. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Nginx Nginx Agent +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an authenticated attacker to gain access to arbitrary files on the device's file system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0, 9.8.x <= 9.8.2 fail to sanitize user inputs in the frontend that are used for redirection which allows for a one-click. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Mattermost CSRF
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Windscribe Directory Traversal Local Privilege Escalation Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Path Traversal +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

An issue in the downloader.php component of TOSEI online store management system v4.02, v4.03, and v4.04 allows attackers to execute a directory traversal. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal PHP
NVD GitHub
EPSS 2% CVSS 8.1
HIGH This Week

Logsign Unified SecOps Platform Directory Traversal Arbitrary Directory Deletion Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Unified Secops Platform
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Unified Secops Platform
NVD
EPSS 2% CVSS 8.1
HIGH This Week

Logsign Unified SecOps Platform Directory data_export_delete_all Traversal Arbitrary File Deletion Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Unified Secops Platform
NVD
EPSS 2% CVSS 8.1
HIGH This Week

Logsign Unified SecOps Platform Directory Traversal Arbitrary File Deletion Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Unified Secops Platform
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Priority - CWE-552: Files or Directories Accessible to External Parties. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Priority
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to arbitrary file deletion due to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

RCE Path Traversal PHP +2
NVD
EPSS 1% CVSS 9.0
CRITICAL PATCH Act Now

The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to arbitrary file read and deletion due. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

RCE Path Traversal PHP +2
NVD
Prev Page 37 of 86 Next

Quick Facts

Typical Severity
HIGH
Category
web
Total CVEs
7733

Related CWEs

MITRE ATT&CK

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy