VYPR

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Abstraction: Base · Status: Stable · Likelihood of exploit: High

Description

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
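The description above names the two halves of the weakness: untrusted input reaches a filename, and the special elements in it (`..`, leading separators, encoded dots, NUL bytes) are not neutralized before the path is resolved. The example below is added here and is not code from the VYPR page or the CWE entry. It puts the classic join-and-open pattern beside a resolver that canonicalizes and then checks containment, and applies the same check to archive extraction, the "zip slip" form of CWE-22. The base directories, request values and archive entries are constructed for the demo.

```python
"""
Added example (not from the VYPR page or CWE text): a CWE-22 path-join
pattern next to a hardened resolver, plus the archive-extraction variant
("zip slip"). Base directories and inputs below are constructed for the demo.
"""
import io
import os
import tempfile
import zipfile
from urllib.parse import unquote


class PathTraversalError(ValueError):
    """Raised when a resolved path would leave the restricted base directory."""


def vulnerable_resolve(base_dir: str, user_path: str) -> str:
    # The CWE-22 pattern: untrusted input joined onto a base directory.
    # normpath tidies "a/../b" but does not confine the result to base_dir,
    # and os.path.join discards base_dir entirely when user_path is absolute.
    return os.path.normpath(os.path.join(base_dir, user_path))


def safe_resolve(base_dir: str, user_path: str) -> str:
    """Return the canonical path for user_path inside base_dir, or raise."""
    # Decode once because this demo receives the raw request value. If the
    # web framework already percent-decoded it, skip this step: decoding a
    # second time can turn a harmless literal "%2e%2e" into a traversal.
    decoded = unquote(user_path)
    if "\x00" in decoded:
        raise PathTraversalError("NUL byte in path")
    # Treat backslashes as separators too (conservative on POSIX, required on
    # Windows) and drop leading separators so absolute paths become relative.
    relative = decoded.replace("\\", "/").lstrip("/")
    base_real = os.path.realpath(base_dir)
    # realpath collapses ".." and follows symlinks, so the check below sees
    # the path the OS would actually open.
    candidate = os.path.realpath(os.path.join(base_real, relative))
    # commonpath compares whole components, so "/srv/files-old" is not
    # mistaken for a child of "/srv/files" the way a startswith() check would.
    if os.path.commonpath([base_real, candidate]) != base_real:
        raise PathTraversalError(f"path escapes base directory: {user_path!r}")
    return candidate


def is_safe(base_dir: str, user_path: str) -> bool:
    """Boolean form of safe_resolve for callers that prefer not to catch."""
    try:
        safe_resolve(base_dir, user_path)
        return True
    except PathTraversalError:
        return False


def safe_extract(archive, dest_dir: str) -> list:
    """Extract a zip into dest_dir, refusing the whole archive if any entry
    would land outside it (the "zip slip" variant of CWE-22)."""
    dest_real = os.path.realpath(dest_dir)
    extracted = []
    with zipfile.ZipFile(archive) as zf:
        # Validate every entry before writing anything, so a hostile entry in
        # the middle cannot leave a half-extracted archive behind.
        targets = [(info, safe_resolve(dest_real, info.filename))
                   for info in zf.infolist()]
        for info, target in targets:
            if info.is_dir():
                os.makedirs(target, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            extracted.append(os.path.relpath(target, dest_real))
    return extracted


def zip_slip_demo() -> dict:
    """Constructed archives: one benign, one carrying a '../../' entry."""
    benign, slip = io.BytesIO(), io.BytesIO()
    with zipfile.ZipFile(benign, "w") as zf:
        zf.writestr("docs/readme.txt", "benign content")
    with zipfile.ZipFile(slip, "w") as zf:
        zf.writestr("docs/readme.txt", "benign content")
        zf.writestr("../../evil.sh", "#!/bin/sh\necho pwned\n")
    benign.seek(0)
    slip.seek(0)
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        results["benign"] = safe_extract(benign, os.path.join(tmp, "uploads"))
        try:
            safe_extract(slip, os.path.join(tmp, "uploads2"))
            results["slip"] = "extracted"
        except PathTraversalError:
            results["slip"] = "rejected"
        # The hostile archive is validated before any write, so not even its
        # destination directory was created.
        results["nothing_written"] = not os.path.exists(os.path.join(tmp, "uploads2"))
    return results


if __name__ == "__main__":
    print(vulnerable_resolve("/srv/files", "../../etc/passwd"))   # escapes
    print(is_safe("/srv/files", "%2e%2e/%2e%2e/etc/passwd"))      # False
    print(zip_slip_demo())
```

The order of operations is the point: decode, normalize separators, canonicalize with `realpath`, then compare whole path components against the canonical base. A `startswith` on the raw string, or a `..` blacklist applied before decoding, fails on exactly the inputs the CVE list below is full of (encoded dots, backslashes, absolute paths, sibling directories with a shared prefix).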

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79

CVEs mapped to this weakness (5,488)

page 2 of 275
  • CVE-2024-31848 · Critical · Apr 5, 2024
    risk 0.71 · cvss 9.8 · epss 0.08

    A path traversal vulnerability exists in the Java version of CData API Server < 23.4.8844 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain complete administrative access to the application.

  • CVE-2017-16720 · Critical · Jan 5, 2018
    risk 0.71 · cvss 9.8 · epss 0.50

    A Path Traversal issue was discovered in WebAccess versions 8.3.2 and earlier. An attacker has access to files within the directory structure of the target device.

  • CVE-2011-10010 · Critical · Aug 13, 2025
    risk 0.70 · cvss n/a · epss 0.01

    QuickShare File Server 1.2.1 contains a path traversal vulnerability in its FTP service due to improper sanitation of user-supplied file paths. Authenticated users can exploit this flaw by submitting crafted sequences to access or write files outside the intended virtual…

  • CVE-2023-6825 · Critical · Mar 13, 2024
    risk 0.70 · cvss 9.9 · epss 0.06

    The File Manager and File Manager Pro plugins for WordPress are vulnerable to Directory Traversal in versions up to, and including version 7.2.1 (free version) and 8.3.4 (Pro version) via the target parameter in the mk_file_folder_manager_action_callback_shortcode function.…

  • CVE-2018-14064 · Critical · Jul 15, 2018
    risk 0.70 · cvss 9.8 · epss 0.38

    The uc-http service 1.0.0 on VelotiSmart WiFi B-380 camera devices allows Directory Traversal, as demonstrated by /../../etc/passwd on TCP port 80.

  • CVE-2017-12943 · Critical · Aug 18, 2017
    risk 0.70 · cvss 9.8 · epss 0.39

    D-Link DIR-600 Rev Bx devices with v2.x firmware allow remote attackers to read passwords via a model/__show_info.php?REQUIRE_FILE= absolute path traversal attack, as demonstrated by discovering the admin password.

  • CVE-2015-3035 · High · KEV · Apr 22, 2015
    risk 0.70 · cvss 7.5 · epss 0.84

    Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware before 150317, C7 (2.0) with firmware before 150304, and C8 (1.0) with firmware before 150316, Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), and TL-WDR4300 (1.0) with firmware before 150302,…

  • CVE-2009-1936 · Critical · Jun 5, 2009
    risk 0.70 · cvss 9.8 · epss 0.42

    _functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a redirect but does not exit when it is called directly, which allows remote attackers to bypass a protection mechanism to conduct remote file inclusion and directory traversal attacks, execute arbitrary PHP…

  • CVE-2025-34040 · Critical · Jun 24, 2025
    risk 0.69 · cvss n/a · epss 0.14

    An arbitrary file upload vulnerability exists in the Zhiyuan OA platform via the wpsAssistServlet interface. The realFileType and fileId parameters are improperly validated during multipart file uploads, allowing unauthenticated attackers to upload crafted JSP files outside of…

  • CVE-2024-57728 · High · KEV · Jan 15, 2025
    risk 0.69 · cvss 7.2 · epss 0.08

    SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e. zip slip). This can be exploited to execute arbitrary code on the host in the context of the SimpleHelp server user.

  • CVE-2023-6989 · Critical · Feb 5, 2024
    risk 0.69 · cvss 9.8 · epss 0.57

    The Shield Security – Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 18.5.9 via the render_action_template parameter. This makes it possible for unauthenticated attacker to…

  • CVE-2018-7300 · Critical · Feb 22, 2018
    risk 0.69 · cvss 9.8 · epss 0.32

    Directory Traversal / Arbitrary File Write / Remote Code Execution in the User.setLanguage method in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to write arbitrary files to the device's filesystem. This vulnerability can be exploited by unauthenticated…

  • CVE-2018-5997 · Critical · Jan 25, 2018
    risk 0.69 · cvss 9.8 · epss 0.24

    An issue was discovered in the HTTP Server in RAVPower Filehub 2.000.056. Due to an unrestricted upload feature and a path traversal vulnerability, it is possible to upload a file on a filesystem with root privileges: this will lead to remote code execution as root.

  • CVE-2017-1000002 · Critical · Jul 17, 2017
    risk 0.69 · cvss 9.8 · epss 0.31

    ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal and file extension check bypass in the Course component resulting in code execution. ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal vulnerability in the Course Icon component…

  • CVE-2025-4524 · Critical · May 21, 2025
    risk 0.68 · cvss 9.8 · epss 0.09

    The Madara – Responsive and modern WordPress theme for manga sites theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.2.2 via the 'template' parameter. This makes it possible for unauthenticated attackers to include and execute…

  • CVE-2012-6664 · Critical · Jun 21, 2024
    risk 0.68 · cvss 9.1 · epss 0.30

    Multiple directory traversal vulnerabilities in the TFTP Server in Distinct Intranet Servers 3.10 and earlier allow remote attackers to read or write arbitrary files via a .. (dot dot) in the (1) get or (2) put commands.

  • CVE-2024-27954 · Critical · May 17, 2024
    risk 0.68 · cvss 9.3 · epss 0.73

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP Automatic Automatic allows Path Traversal, Server Side Request Forgery. This issue affects Automatic: from n/a through 3.92.0.

  • CVE-2018-14007 · Critical · Aug 15, 2018
    risk 0.68 · cvss 9.8 · epss 0.56

    Citrix XenServer 7.1 and newer allows Directory Traversal.

  • CVE-2018-0258 · Critical · May 2, 2018
    risk 0.68 · cvss 9.8 · epss 0.50

    A vulnerability in the Cisco Prime File Upload servlet affecting multiple Cisco products could allow a remote attacker to upload arbitrary files to any directory of a vulnerable device (aka Path Traversal) and execute those files. This vulnerability affects the following…

  • CVE-2017-16597 · Critical · Jan 23, 2018
    risk 0.68 · cvss 9.8 · epss 0.58

    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of WRQ…