CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
BaseStableLikelihood: High
Description
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79
CVEs mapped to this weakness (3,719)
page 8 of 186| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-31850 | Hig | 0.63 | 8.6 | 0.90 | Apr 5, 2024 | A path traversal vulnerability exists in the Java version of CData Arc < 23.4.8839 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access to sensitive information and perform limited actions. | |
| CVE-2023-5241 | Cri | 0.63 | 9.6 | 0.02 | Oct 19, 2023 | The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 as well as 4.9.2 via the qcld_openai_upload_pagetraining_file function. This allows subscriber-level attackers to append "<?php" to any existing file on the server resulting in potential DoS when appended to critical files such as wp-config.php. | |
| CVE-2026-42048 | Cri | 0.62 | 9.6 | 0.00 | May 12, 2026 | Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.0, Langflow is vulnerable to Path Traversal in the Knowledge Bases API (DELETE /api/v1/knowledge_bases). This occurs because user-supplied knowledge base names are concatenated directly into file paths without proper sanitization or boundary validation. An authenticated attacker can exploit this flaw to delete arbitrary directories anywhere on the server's filesystem, leading to data loss and potential service disruption. This vulnerability is fixed in 1.9.0. | |
| CVE-2026-44336 | Cri | 0.62 | 9.6 | 0.00 | May 8, 2026 | PraisonAI is a multi-agent teams system. Prior to version 4.6.34, PraisonAI's MCP (Model Context Protocol) server (praisonai mcp serve) registers four file-handling tools by default — praisonai.rules.create, praisonai.rules.show, praisonai.rules.delete, and praisonai.workflow.show. Each accepts a path or filename string from MCP tools/call arguments and joins it onto ~/.praison/rules/ (or, for workflow.show, accepts an absolute path) with no containment check. The JSON-RPC dispatcher passes params["arguments"] blind to each handler via **kwargs without validating against the advertised input schema. By setting rule_name="../../<some-path>" an attacker walks out of the rules directory and writes any file the running user can write. Dropping a Python .pth file into the user site-packages directory escalates this primitive to arbitrary code execution in any subsequent Python process the user spawns — the next praisonai CLI invocation, an IDE script run, the user's python REPL, or any background Python service. This issue has been patched in version 4.6.34. | |
| CVE-2026-41589 | Cri | 0.62 | 9.6 | 0.00 | May 7, 2026 | Wish is an SSH server with defaults and a collection of middlewares. From version 2.0.0 to before version 2.0.1, the SCP middleware in charm.land/wish/v2 is vulnerable to path traversal attacks. A malicious SCP client can read arbitrary files from the server, write arbitrary files to the server, and create directories outside the configured root directory by sending crafted filenames containing ../ sequences over the SCP protocol. This issue has been patched in version 2.0.1. | |
| CVE-2026-36760 | Cri | 0.62 | 9.6 | 0.00 | Apr 30, 2026 | An issue in the fileMd5 parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissions to execute a path traversal and write arbitrary files with whitelisted suffixes to arbitrary filesystem locations while chunked upload is enabled. | |
| CVE-2026-5166 | Cri | 0.62 | 9.6 | 0.00 | Apr 29, 2026 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Software Center allows Path Traversal. This issue affects Pardus Software Center: before 0.6.4. | |
| CVE-2026-39399 | Cri | 0.62 | 9.6 | 0.00 | Apr 14, 2026 | NuGet Gallery is a package repository that powers nuget.org. A security vulnerability exists in the NuGetGallery backend job’s handling of .nuspec files within NuGet packages. An attacker can supply a crafted nuspec file with malicious metadata, leading to cross package metadata injection that may result in remote code execution (RCE) and/or arbitrary blob writes due to insufficient input validation. The issue is exploitable via URI fragment injection using unsanitized package identifiers, allowing an attacker to control the resolved blob path. This enables writes to arbitrary blobs within the storage container, not limited to .nupkg files, resulting in potential tampering of existing content. This issue has been patched in commit 0e80f87628349207cdcaf55358491f8a6f1ca276. | |
| CVE-2026-28373 | Cri | 0.62 | 9.6 | 0.00 | Apr 3, 2026 | The Stackfield Desktop App before 1.10.2 for macOS and Windows contains a path traversal vulnerability in certain decryption functionality when processing the filePath property. A malicious export can write arbitrary content to any path on the victim's filesystem. | |
| CVE-2024-49286 | Cri | 0.62 | 9.6 | 0.01 | Oct 20, 2024 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Jeroen Berkvens SSV Events ssv-events allows PHP Local File Inclusion.This issue affects SSV Events: from n/a through <= 3.2.7. | |
| CVE-2024-44014 | Cri | 0.62 | 9.6 | 0.01 | Oct 5, 2024 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Vmax Studio Vmax Project Manager vmax-project-manager allows PHP Local File Inclusion.This issue affects Vmax Project Manager: from n/a through <= 1.0. | |
| CVE-2024-32258 | Hig | 0.62 | 8.8 | 0.56 | Apr 23, 2024 | The network server of fceux 2.7.0 has a path traversal vulnerability, allowing attackers to overwrite any files on the server without authentication by fake ROM. | |
| CVE-2023-5212 | Cri | 0.62 | 9.6 | 0.00 | Oct 19, 2023 | The AI ChatBot plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to, and including, 4.8.9 as well as version 4.9.2. This makes it possible for authenticated attackers with subscriber privileges to delete arbitrary files on the server, which makes it possible to take over affected sites as well as others sharing the same hosting account. Version 4.9.1 originally addressed the issue, but it was reintroduced in 4.9.2 and fixed again in 4.9.3. | |
| CVE-2017-5261 | Hig | 0.62 | 8.8 | 0.24 | Dec 20, 2017 | In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the 'ping' and 'traceroute' functions of the web administrative console expose a file path traversal vulnerability, accessible to all authenticated users. | |
| CVE-2016-1000112 | Cri | 0.62 | 9.1 | 0.36 | Oct 6, 2016 | Unauthenticated remote .jpg file upload in contus-video-comments v1.0 wordpress plugin | |
| CVE-2013-3993 | Med | 0.62 | 6.5 | 0.26 | KEV | Jul 7, 2014 | IBM InfoSphere BigInsights before 2.1.0.3 allows remote authenticated users to bypass intended file and directory restrictions, or access untrusted data or code, via crafted parameters in unspecified API calls. |
| CVE-2026-41203 | Cri | 0.61 | — | 0.00 | May 7, 2026 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.5.0, ci4ms Theme::upload extracts user uploaded ZIP archives without validating entry names, allowing an authenticated backend user with the theme create permission to write files to arbitrary filesystem locations (Zip Slip) and achieve remote code execution by dropping a PHP file under the public web root. This issue has been patched in version 0.31.5.0. | |
| CVE-2026-41202 | Cri | 0.61 | — | 0.00 | May 7, 2026 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.5.0, ci4ms Backup::restore extracts user uploaded ZIP archives without validating entry names, allowing an authenticated backend user with the backup create permission to write files to arbitrary filesystem locations (Zip Slip) and achieve remote code execution by dropping a PHP file under the public web root. This issue has been patched in version 0.31.5.0. | |
| CVE-2025-9963 | Cri | 0.61 | — | 0.00 | Sep 23, 2025 | A path traversal vulnerability in Novakon P series allows to expose the root file system "/" and modify all files with root permissions. This way the system can also be compromized.This issue affects P series: P – V2001.A.C518o2 until P-2.0.05 Build 2026.02.06 (commit d0f97fd9). | |
| CVE-2025-53120 | Cri | 0.61 | 9.4 | 0.02 | Aug 25, 2025 | A path traversal vulnerability in unauthenticated upload functionality allows a malicious actor to upload binaries and scripts to the server’s configuration and web root directories, achieving remote code execution on the Unified PAM server. |