VYPR

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

BaseStableLikelihood: High

Description

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79

CVEs mapped to this weakness (5,488)

page 141 of 275
  • CVE-2025-13261MedNov 17, 2025
    risk 0.34cvss 5.3epss 0.01

    A vulnerability was found in lsfusion platform up to 6.1. Affected is the function DownloadFileRequestHandler of the file web-client/src/main/java/lsfusion/http/controller/file/DownloadFileRequestHandler.java. Performing manipulation of the argument Version results in path…

  • CVE-2025-42919MedNov 11, 2025
    risk 0.34cvss 5.3epss 0.00

    Due to an Information Disclosure vulnerability in SAP NetWeaver Application Server Java, internal metadata files could be accessed via manipulated URLs. An unauthenticated attacker could exploit this vulnerability by inserting arbitrary path components in the request, allowing…

  • CVE-2025-64485MedNov 8, 2025
    risk 0.34cvss epss 0.00

    CVAT is an open source interactive video and image annotation tool for computer vision. In versions 2.4.0 through 2.48.1, a malicious CVAT user with at least the User global role may create files in the root of the mounted file share, or overwrite existing files. If no file…

  • CVE-2025-7719MedNov 7, 2025
    risk 0.34cvss epss 0.00

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in GE Vernova Smallworld on Windows, Linux allows File Manipulation.This issue affects Smallworld: 5.3.5. and previous versions.

  • CVE-2025-12203MedOct 27, 2025
    risk 0.34cvss 6.3epss 0.00

    A weakness has been identified in givanz Vvveb up to 1.0.7.3. This issue affects the function sanitizeFileName of the file system/functions.php of the component Code Editor. Executing a manipulation of the argument File can lead to path traversal. The attack can be launched…

  • CVE-2025-11842MedOct 16, 2025
    risk 0.34cvss 6.3epss 0.00

    A security vulnerability has been detected in Shazwazza Smidge up to 4.5.1. The impacted element is an unknown function of the component Bundle Handler. The manipulation of the argument Version leads to path traversal. Remote exploitation of the attack is possible. Upgrading to…

  • CVE-2025-42906MedOct 14, 2025
    risk 0.34cvss 5.3epss 0.00

    SAP Commerce Cloud contains a path traversal vulnerability that may allow users to access web applications such as the Administration Console from addresses where the Administration Console is not explicitly deployed. This could potentially bypass configured access restrictions,…

  • CVE-2025-44163MedJun 27, 2025
    risk 0.34cvss 6.3epss 0.01

    RaspAP raspap-webgui 3.3.1 is vulnerable to Directory Traversal in ajax/networking/get_wgkey.php. An authenticated attacker can send a crafted POST request with a path traversal payload in the `entity` parameter to overwrite arbitrary files writable by the web server via abuse…

  • CVE-2025-22240MedJun 13, 2025
    risk 0.34cvss 6.3epss 0.00

    Arbitrary directory creation or file deletion. In the find_file method of the GitFS class, a path is created using os.path.join using unvalidated input from the “tgt_env” variable. This can be exploited by an attacker to delete any file on the Master's process has…

  • CVE-2025-41428MedJun 3, 2025
    risk 0.34cvss 5.3epss 0.01

    Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in TimeWorks 10.0 to 10.3. If exploited, arbitrary JSON files on the server may be viewed by a remote unauthenticated attacker.

  • CVE-2024-11615MedMay 5, 2025
    risk 0.34cvss 5.3epss 0.00

    The Envolve Plugin plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 1.0 via the 'zetra_deleteLanguageFile' and 'zetra_deleteFontsFile' functions. This is due to the plugin not properly validating a file or its path prior to…

  • CVE-2025-27299MedApr 17, 2025
    risk 0.34cvss 5.3epss 0.00

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP Asia MyTicket Events myticket-events allows Path Traversal.This issue affects MyTicket Events: from n/a through <= 1.2.4.

  • CVE-2024-13538MedFeb 18, 2025
    risk 0.34cvss 5.3epss 0.01

    The BigBuy Dropshipping Connector for WooCommerce plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.0.0. This is due the /vendor/cocur/slugify/bin/generate-default.php file being directly accessible and triggering an error. This…

  • CVE-2024-13535MedFeb 18, 2025
    risk 0.34cvss 5.3epss 0.00

    The Actionwear products sync plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.3.2. This is due the composer-setup.php file being publicly accessible with 'display_errors' set to true. This makes it possible for unauthenticated…

  • CVE-2024-42187MedJan 23, 2025
    risk 0.34cvss 5.3epss 0.00

    BigFix Patch Download Plug-ins are affected by path traversal vulnerability. The application could allow operators to download files from a local repository which is vulnerable to path traversal attacks.

  • CVE-2025-0615MedJan 21, 2025
    risk 0.34cvss 5.3epss 0.00

    Input validation vulnerability in Qualifio's Wheel of Fortune. This vulnerability allows an attacker to modify an email to contain the ‘+’ symbol to access the application and win prizes as many times as wanted.

  • CVE-2025-0614MedJan 21, 2025
    risk 0.34cvss 5.3epss 0.00

    Input validation vulnerability in Qualifio's Wheel of Fortune. This vulnerability could allow an attacker to modify a single email to contain upper and lower case characters in order to access the application and win prizes as many times as wanted.

  • CVE-2024-54132MedDec 4, 2024
    risk 0.34cvss epss 0.01

    The GitHub CLI is GitHub’s official command line tool. A security vulnerability has been identified in GitHub CLI that could create or overwrite files in unintended directories when users download a malicious GitHub Actions workflow artifact through gh run download. This…

  • CVE-2024-53844MedNov 26, 2024
    risk 0.34cvss 6.3epss 0.00

    E.D.D.I (Enhanced Dialog Driven Interface) is a middleware to connect and manage LLM API bots. A path traversal vulnerability exists in the backup export functionality of EDDI, as implemented in `RestExportService.java`. This vulnerability allows an attacker to access sensitive…

  • CVE-2024-47166MedOct 10, 2024
    risk 0.34cvss 5.3epss 0.00

    Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a **one-level read path traversal** in the `/custom_component` endpoint. Attackers can exploit this flaw to access and leak source code from custom Gradio components by…