VYPR

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

BaseStableLikelihood: High

Description

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79

CVEs mapped to this weakness (5,488)

page 146 of 275
  • CVE-2025-24605MedFeb 3, 2025
    risk 0.32cvss 4.9epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RealMag777 WOLF bulk-editor allows Path Traversal.This issue affects WOLF: from n/a through <= 1.0.8.5.

  • CVE-2025-24611MedJan 24, 2025
    risk 0.32cvss 4.9epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Smackcoders Inc., WP Ultimate Exporter wp-ultimate-exporter allows Absolute Path Traversal.This issue affects WP Ultimate Exporter: from n/a through <= 2.9.

  • CVE-2024-56248MedJan 2, 2025
    risk 0.32cvss 4.9epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ludwig You WPMasterToolKit wpmastertoolkit allows Path Traversal.This issue affects WPMasterToolKit: from n/a through <= 1.13.1.

  • CVE-2024-54452MedDec 27, 2024
    risk 0.32cvss 4.9epss 0.01

    An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35 and 7.10.x through 7.10.0.18. A Directory Traversal and Local File Inclusion vulnerability in the logsSys.do page allows remote attackers (authenticated as administrators) to trigger the display of unintended…

  • CVE-2024-54382MedDec 16, 2024
    risk 0.32cvss 4.9epss 0.02

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in boldthemes Bold Page Builder bold-page-builder allows Path Traversal.This issue affects Bold Page Builder: from n/a through <= 5.1.5.

  • CVE-2024-52396MedNov 14, 2024
    risk 0.32cvss 4.9epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RealMag777 WOLF bulk-editor allows Path Traversal.This issue affects WOLF: from n/a through <= 1.0.8.3.

  • CVE-2024-48224MedOct 25, 2024
    risk 0.32cvss 4.9epss 0.01

    Funadmin v5.0.2 has an arbitrary file read vulnerability in /curd/index/editfile.

  • CVE-2024-46212MedOct 16, 2024
    risk 0.32cvss 4.9epss 0.01

    An issue in the component /index.php?page=backup/export of REDAXO CMS v5.17.1 allows attackers to execute a directory traversal.

  • CVE-2024-9146MedOct 5, 2024
    risk 0.32cvss 4.9epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in jamesdlow CSS JS Files css-js-files allows Path Traversal.This issue affects CSS JS Files: from n/a through <= 1.5.0.

  • CVE-2023-23872MedMay 17, 2024
    risk 0.32cvss 4.9epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in German Mesky GMAce allows Path Traversal.This issue affects GMAce: from n/a through 1.5.2.

  • CVE-2024-2294MedMar 16, 2024
    risk 0.32cvss 4.9epss 0.01

    The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.2.7 via the backup_name parameter in the backuply_download_backup function. This makes it possible for attackers to have an…

  • CVE-2024-22398MedMar 14, 2024
    risk 0.32cvss 4.9epss 0.01

    An improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in SonicWall Email Security Appliance could allow a remote attacker with administrative privileges to conduct a directory traversal attack and delete arbitrary files from the appliance…

  • CVE-2024-22723MedFeb 28, 2024
    risk 0.32cvss 4.9epss 0.01

    Webtrees 2.1.18 is vulnerable to Directory Traversal. By manipulating the "media_folder" parameter in the URL, an attacker (in this case, an administrator) can navigate beyond the intended directory (the 'media/' directory) to access sensitive files in other parts of the…

  • CVE-2023-51651MedDec 22, 2023
    risk 0.32cvss 6.0epss 0.00

    AWS SDK for PHP is the Amazon Web Services software development kit for PHP. Within the scope of requests to S3 object keys and/or prefixes containing a Unix double-dot, a URI path traversal is possible. The issue exists in the `buildEndpoint` method in the RestSerializer…

  • CVE-2023-2688MedJun 9, 2023
    risk 0.32cvss 4.9epss 0.02

    The WordPress File Upload and WordPress File Upload Pro plugins for WordPress are vulnerable to Path Traversal in versions up to, and including, 4.19.1 via the vulnerable parameter wfu_newpath. This allows administrator-level attackers to move files uploaded with the plugin…

  • CVE-2022-2945MedSep 6, 2022
    risk 0.32cvss 4.9epss 0.01

    The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 5.5.3 via the 'type' parameter found in the alm_get_layout() function. This makes it possible for authenticated attackers, with…

  • CVE-2022-2943MedSep 6, 2022
    risk 0.32cvss 4.9epss 0.01

    The WordPress Infinite Scroll – Ajax Load More plugin for Wordpress is vulnerable to arbitrary file reading in versions up to, and including, 5.5.3 due to insufficient file path validation on the alm_repeaters_export() function. This makes it possible for authenticated…

  • CVE-2022-21221MedMar 17, 2022
    risk 0.32cvss 5.9epss 0.02

    The package github.com/valyala/fasthttp before 1.34.0 are vulnerable to Directory Traversal via the ServeFile function, due to improper sanitization. It is possible to be exploited by using a backslash %5c character in the path. **Note:** This security issue impacts Windows…

  • CVE-2021-29425MedApr 13, 2021
    risk 0.32cvss 4.8epss 0.11

    In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus…

  • CVE-2019-13237MedAug 27, 2019
    risk 0.32cvss 4.3epss 0.07

    In Alkacon OpenCms 10.5.4 and 10.5.5, there are multiple resources vulnerable to Local File Inclusion that allow an attacker to access server resources: clearhistory.jsp, convertxml.jsp, group_new.jsp, loginmessage.jsp, xmlcontentrepair.jsp, and…