VYPR

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

BaseStableLikelihood: High

Description

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79

CVEs mapped to this weakness (5,488)

page 139 of 275
  • CVE-2016-5332MedAug 31, 2016
    risk 0.35cvss 5.3epss 0.03

    Directory traversal vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.6.0 allows remote attackers to read arbitrary files via unspecified vectors.

  • CVE-2016-5098MedJul 5, 2016
    risk 0.35cvss 5.3epss 0.02

    Directory traversal vulnerability in libraries/error_report.lib.php in phpMyAdmin before 4.6.2-prerelease allows remote attackers to determine the existence of arbitrary files by triggering an error.

  • CVE-2016-2872MedJul 2, 2016
    risk 0.35cvss 5.3epss 0.02

    Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.7 and QRadar Incident Forensics 7.2.x before 7.2.7 allows remote attackers to read arbitrary files via a crafted URL.

  • CVE-2016-1191MedJun 19, 2016
    risk 0.35cvss 5.3epss 0.02

    Directory traversal vulnerability in the Files function in Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote attackers to modify settings via unspecified vectors.

  • CVE-2016-1223MedJun 19, 2016
    risk 0.35cvss 5.3epss 0.04

    Directory traversal vulnerability in Trend Micro Office Scan 11.0, Worry-Free Business Security Service 5.x, and Worry-Free Business Security 9.0 allows remote attackers to read arbitrary files via unspecified vectors.

  • CVE-2015-4703MedJan 12, 2016
    risk 0.35cvss 5.3epss 0.03

    Absolute path traversal vulnerability in mysqldump_download.php in the WordPress Rename plugin 1.0 for WordPress allows remote attackers to read arbitrary files via a full pathname in the dumpfname parameter.

  • CVE-2026-36726MedJun 9, 2026
    risk 0.34cvss 5.3epss 0.01

    An arbitrary file deletion vulnerability in the /api/delete-temp-license/{file} endpoint of bookcars v8.3 allows unauthenticated attackers to delete arbitrary files via supplying directory traversal sequences.

  • CVE-2026-11470MedJun 8, 2026
    risk 0.34cvss 6.3epss 0.00

    A vulnerability has been found in hs-web hsweb-framework up to 5.0.1. The affected element is the function denied of the file hsweb-system/hsweb-system-file/src/main/java/org/hswebframework/web/file/FileUploadProperties.java of the component File Upload. The manipulation of the…

  • CVE-2026-46337MedMay 29, 2026
    risk 0.34cvss 5.3epss 0.00

    WWBN AVideo is an open source video platform. In 29.0 and earlier, an unauthenticated remote attacker can read arbitrary image files anywhere on disk that the PHP user can open — including private user-profile photos that the application's normal serving wrappers gate behind…

  • CVE-2026-24208MedMay 20, 2026
    risk 0.34cvss 5.3epss 0.01

    NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a path traversal issue. A successful exploit of this vulnerability might lead to denial of service.

  • CVE-2026-8754MedMay 17, 2026
    risk 0.34cvss 6.3epss 0.00

    A vulnerability was detected in AstrBotDevs AstrBot up to 4.23.5. Impacted is the function post_file of the file astrbot/dashboard/routes/chat.py of the component File Upload Handler. The manipulation of the argument filename results in path traversal. It is possible to launch…

  • CVE-2026-8215MedMay 10, 2026
    risk 0.34cvss 5.3epss 0.01

    A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This vulnerability affects the function iasRequestFileEvent of the component RMI Interface. This manipulation of the argument m_strSourceFileName causes path traversal. The attack can be…

  • CVE-2026-8115MedMay 7, 2026
    risk 0.34cvss 5.3epss 0.01

    A security flaw has been discovered in gyoridavid short-video-maker up to 1.3.4. This affects an unknown part of the file src/server/routers/rest.ts of the component REST API. The manipulation of the argument req.params.tmpFile results in path traversal. The attack can be…

  • CVE-2026-7728MedMay 4, 2026
    risk 0.34cvss 6.3epss 0.00

    A vulnerability was identified in ryanjoachim mcp-rtfm 0.1.0. This vulnerability affects the function get_doc_content/read_doc/update_doc of the component MCP Interface. Such manipulation of the argument docFile leads to path traversal. The attack can be launched remotely. The…

  • CVE-2026-7589MedMay 1, 2026
    risk 0.34cvss 5.3epss 0.00

    A vulnerability was determined in ghantakiran splunk-mcp-integration up to 0b86b09d5e5adf0433acd43c975951224613a1a6. Impacted is the function create_csv_export of the file services/csv-export-service/app/api/v1/endpoints/csv_export.py of the component CSV Export. This…

  • CVE-2026-7588MedMay 1, 2026
    risk 0.34cvss 5.3epss 0.00

    A vulnerability was found in ggerve coding-standards-mcp. This issue affects the function get_style_guide/get_best_practices of the file server.py. The manipulation of the argument Language results in path traversal. It is possible to launch the attack remotely. The exploit has…

  • CVE-2026-7403MedApr 29, 2026
    risk 0.34cvss 5.3epss 0.01

    A security flaw has been discovered in geldata gel-mcp 0.1.0. This impacts the function list_rules/fetch_rule of the file src/gel_mcp/server.py. The manipulation of the argument rule_name results in path traversal. The attack may be performed from remote. The exploit has been…

  • CVE-2026-7396MedApr 29, 2026
    risk 0.34cvss 5.3epss 0.00

    A vulnerability was identified in NousResearch hermes-agent 0.8.0. Affected by this issue is some unknown functionality of the file gateway/platforms/wecom.py of the component WeChat Work Platform Adapter. The manipulation leads to path traversal. It is possible to initiate the…

  • CVE-2026-7235MedApr 28, 2026
    risk 0.34cvss 5.3epss 0.00

    A security vulnerability has been detected in ErlichLiu claude-agent-sdk-master up to b185aa7ff0d864581257008077b4010fca1747bf. Affected by this vulnerability is an unknown functionality of the file app/api/agent-output/route.ts. The manipulation of the argument outputFile leads…

  • CVE-2026-7217MedApr 28, 2026
    risk 0.34cvss 5.3epss 0.00

    A security vulnerability has been detected in Deepractice PromptX up to 2.4.0. The affected element is the function read_docx/read_xlsx/read_pptx/list_xlsx_sheets/read_pdf of the file packages/mcp-office/src/index.ts of the component Document File Handler. Such manipulation of…