VYPR

CWE-23

Relative Path Traversal

Base · Draft

Description

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.

Related attack patterns (CAPEC)

CAPEC-139 · CAPEC-76

CVEs mapped to this weakness (193)

page 2 of 10
  • CVE-2018-14795 · High · Aug 21, 2018
    risk 0.57 · cvss 8.8 · epss 0.02

    DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 are vulnerable due to improper path validation, which may allow an attacker to replace executable files.

  • CVE-2017-13996 · High · Oct 5, 2017
    risk 0.57 · cvss 8.8 · epss 0.03

    A Relative Path Traversal issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web user interface fails to prevent access to critical files that non-administrative users should not have access to, which could allow an attacker to create or modify files or execute…

  • CVE-2026-34926 · Medium · KEV · May 21, 2026
    risk 0.56 · cvss 6.7 · epss 0.13

    A directory traversal vulnerability in the Apex One (on-premise) server could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations. This vulnerability is only exploitable on the…

  • CVE-2026-29201 · High · May 8, 2026
    risk 0.56 · cvss 8.6 · epss 0.00

    Insufficient input validation of the feature file name in `feature::LOADFEATUREFILE` adminbin call can cause arbitrary file read when a relative file path is passed.

  • CVE-2024-49253 · High · Oct 16, 2024
    risk 0.56 · cvss 8.6 · epss 0.01

    Relative Path Traversal vulnerability in JamesPark.ninja Analyse Uploads analyse-uploads allows Relative Path Traversal. This issue affects Analyse Uploads: from n/a through <= 0.5.

  • CVE-2026-23734 · Critical · May 20, 2026
    risk 0.55 · cvss · epss 0.20

    XWiki Platform is a generic wiki platform. Versions prior to 18.1.0-rc-1, 17.10.3, 17.4.9, and 16.10.17 allow access to read configuration files by using URLs such as http://localhost:8080/bin/ssx/Main/WebHome?resource=/../../WEB-INF/xwiki.cfg&minify=false, leading to Path…

  • CVE-2025-54317 · High · Jul 20, 2025
    risk 0.55 · cvss 8.4 · epss 0.01

    An issue was discovered in Logpoint before 7.6.0. An attacker with operator privileges can exploit a path traversal vulnerability when creating a Layout Template, which can lead to remote code execution (RCE).

  • CVE-2026-41948 · Critical · May 18, 2026
    risk 0.54 · cvss 9.4 · epss 0.01

    Dify version 1.14.1 and prior contain a path traversal vulnerability that allows authenticated users to manipulate requests forwarded to the Plugin Daemon's internal REST API by exploiting insufficient URL path sanitization. Attackers can traverse out of their authorized tenant…

  • CVE-2025-47788 · Critical · May 15, 2025
    risk 0.54 · cvss · epss 0.00

    Atheos is a self-hosted browser-based cloud IDE. Prior to v602, similar to GHSA-rgjm-6p59-537v/CVE-2025-22152, the `$target` parameter in `/controller.php` was not properly validated, which could allow an attacker to execute arbitrary files on the server via path traversal. v602…

  • CVE-2026-5422 · High · Jun 2, 2026
    risk 0.53 · cvss 8.1 · epss 0.00

    A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the _get_os_path() function within jupyter_server/services/contents/fileio.py. The check uses startswith(root) without appending a trailing path separator,…

  • CVE-2026-5966 · High · Apr 20, 2026
    risk 0.53 · cvss 8.1 · epss 0.00

    ThreatSonar Anti-Ransomware developed by TeamT5 has an Arbitrary File Deletion vulnerability. Authenticated remote attackers with web access can exploit Path Traversal to delete arbitrary files on the system.

  • CVE-2026-4415 · High · Mar 30, 2026
    risk 0.53 · cvss 8.1 · epss 0.01

    Gigabyte Control Center developed by GIGABYTE has an Arbitrary File Write vulnerability. When the pairing feature is enabled, unauthenticated remote attackers can write arbitrary files to any location on the underlying operating system, leading to arbitrary code execution or…

  • CVE-2026-2818 · High · Feb 20, 2026
    risk 0.53 · cvss 8.2 · epss 0.00

    A zip-slip path traversal vulnerability in Spring Data Geode's import snapshot functionality allows attackers to write files outside the intended extraction directory. This vulnerability appears to be susceptible on Windows OS only.

  • CVE-2025-32409 · High · Apr 7, 2025
    risk 0.53 · cvss 8.1 · epss 0.01

    Ratta SuperNote A6 X2 Nomad before December 2024 allows remote code execution because an arbitrary firmware image (signed with debug keys) can be sent to TCP port 60002, and placed into the correct image-update location as a consequence of both directory traversal and unintended…

  • CVE-2018-10615 · High · Jun 4, 2018
    risk 0.53 · cvss 8.1 · epss 0.03

    Directory traversal may lead to files being exfiltrated or deleted on the GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior host platform.

  • CVE-2026-52813 · Critical · Jun 23, 2026
    risk 0.52 · cvss · epss 0.01

    Summary: Organization names containing path traversal sequences (`../`) are accepted by Gogs, and repositories under them are written to paths following these path traversals. This allows storing/retrieving data for repositories at arbitrary locations on the filesystem. By…

  • CVE-2025-41280 · High · May 29, 2026
    risk 0.51 · cvss 7.8 · epss 0.00

    Nozomi Networks Labs identified a CWE-23: Relative Path Traversal (Zip Slip) in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 that allows attackers with access to the TX Host to execute code on the RX Host when a MySQL connector is configured and file compression is…

  • CVE-2025-10203 · High · Sep 15, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    Relative path traversal vulnerability due to improper input validation in Digilent WaveForms that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .DWF3WORK file. This vulnerability affects Digilent…

  • CVE-2024-47637 · High · Oct 16, 2024
    risk 0.50 · cvss 8.8 · epss 0.01

    Relative Path Traversal vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Path Traversal. This issue affects LiteSpeed Cache: from n/a through <= 6.4.1.

  • CVE-2024-35186 · High · May 23, 2024
    risk 0.50 · cvss 8.8 · epss 0.01

    gitoxide is a pure Rust implementation of Git. During checkout, `gix-worktree-state` does not verify that paths point to locations in the working tree. A specially crafted repository can, when cloned, place new files anywhere writable by the application. This vulnerability leads…