VYPR

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

BaseStableLikelihood: High

Description

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79

CVEs mapped to this weakness (5,488)

page 37 of 275
  • CVE-2025-27210HigJul 18, 2025
    risk 0.52cvss 7.5epss 0.10

    An incomplete fix has been identified for CVE-2025-23084 in Node.js, specifically affecting Windows device names like CON, PRN, and AUX. This vulnerability affects Windows users of `path.join` API.

  • CVE-2025-7360CriJul 15, 2025
    risk 0.52cvss 9.1epss 0.01

    The HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder plugin for WordPress is vulnerable to arbitrary file moving due to insufficient file path validation in the handle_files_upload() function in all versions up to, and including, 2.2.1. This…

  • CVE-2025-32018HigApr 8, 2025
    risk 0.52cvss 8.0epss 0.00

    Cursor is a code editor built for programming with AI. In versions 0.45.0 through 0.48.6, the Cursor app introduced a regression affecting the set of file paths the Cursor Agent is permitted to modify automatically. Under specific conditions, the agent could be prompted, either…

  • CVE-2025-30567HigMar 25, 2025
    risk 0.52cvss 7.5epss 0.03

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP01 WP01 wp01 allows Path Traversal.This issue affects WP01: from n/a through <= 2.6.2.

  • CVE-2024-5752CriMar 20, 2025
    risk 0.52cvss 9.1epss 0.01

    A path traversal vulnerability exists in stitionai/devika, specifically in the project creation functionality. In the affected version beacf6edaa205a5a5370525407a6db45137873b3, the project name is not validated, allowing an attacker to create a project with a crafted name that…

  • CVE-2024-11042CriMar 20, 2025
    risk 0.52cvss 9.1epss 0.01

    In invoke-ai/invokeai version v5.0.2, the web API `POST /api/v1/images/delete` is vulnerable to Arbitrary File Deletion. This vulnerability allows unauthorized attackers to delete arbitrary files on the server, potentially including critical or sensitive system files such as SSH…

  • CVE-2024-52787CriNov 25, 2024
    risk 0.52cvss 9.1epss 0.01

    An issue in the upload_documents method of libre-chat v0.0.6 allows attackers to execute a path traversal via supplying a crafted filename in an uploaded file.

  • CVE-2024-10313HigOct 24, 2024
    risk 0.52cvss 8.0epss 0.00

    iniNet Solutions SpiderControl SCADA PC HMI Editor has a path traversal vulnerability. When the software loads a malicious ‘ems' project template file constructed by an attacker, it can write files to arbitrary directories. This can lead to overwriting system files, …

  • CVE-2024-39621HigAug 1, 2024
    risk 0.52cvss 8.0epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CridioStudio ListingPro listingpro-plugin allows PHP Local File Inclusion.This issue affects ListingPro: from n/a through <= 2.9.4.

  • CVE-2024-4315CriJun 12, 2024
    risk 0.52cvss 9.1epss 0.01

    parisneo/lollms version 9.5 is vulnerable to Local File Inclusion (LFI) attacks due to insufficient path sanitization. The `sanitize_path_from_endpoint` function fails to properly sanitize Windows-style paths (backward slash `\`), allowing attackers to perform directory…

  • CVE-2024-31232HigMay 17, 2024
    risk 0.52cvss 8.0epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Sizam Design Rehub allows PHP Local File Inclusion.This issue affects Rehub: from n/a through 19.6.1.

  • CVE-2023-5938HigMay 15, 2024
    risk 0.52cvss 8.0epss 0.01

    Multiple functions use archives without properly validating the filenames therein, rendering the application vulnerable to path traversal via 'zip slip' attacks. An administrator able to provide tampered archives to be processed by the affected versions of Arc may be able to…

  • CVE-2024-28335CriMar 27, 2024
    risk 0.52cvss 9.1epss 0.01

    Lektor before 3.3.11 does not sanitize DB path traversal. Thus, shell commands might be executed via a file that is added to the templates directory, if the victim's web browser accesses an untrusted website that uses JavaScript to send requests to localhost port 5000, and the…

  • CVE-2024-24591HigFeb 6, 2024
    risk 0.52cvss 8.0epss 0.01

    A path traversal vulnerability in versions 1.4.0 to 1.14.1 of the client SDK of Allegro AI’s ClearML platform enables a maliciously uploaded dataset to write local or remote files to an arbitrary location on an end user’s system when interacted with.

  • CVE-2023-6021HigNov 16, 2023
    risk 0.52cvss 7.5epss 0.37

    LFI in Ray's log API endpoint allows attackers to read any file on the server without authentication. The issue is fixed in version 2.8.1+. Ray maintainers' response can be found here: https://www.anyscale.com/blog/update-on-ray-cves-cve-2023-6019-cve-2023-6020-cve-2023-6021-cve-…

  • CVE-2023-35169CriJun 23, 2023
    risk 0.52cvss 9.0epss 0.03

    PHP-IMAP is a wrapper for common IMAP communication without the need to have the php-imap module installed / enabled. Prior to version 5.3.0, an unsanitized attachment filename allows any unauthenticated user to leverage a directory traversal vulnerability, which results in a…

  • CVE-2020-36566CriDec 27, 2022
    risk 0.52cvss 9.1epss 0.01

    Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.

  • CVE-2020-36561CriDec 27, 2022
    risk 0.52cvss 9.1epss 0.01

    Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.

  • CVE-2020-36560CriDec 27, 2022
    risk 0.52cvss 9.1epss 0.01

    Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.

  • CVE-2018-25046CriDec 27, 2022
    risk 0.52cvss 9.1epss 0.01

    Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.