VYPR

CWE-23

Relative Path Traversal

Base · Draft

Description

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-139 · CAPEC-76

CVEs mapped to this weakness (193)

page 3 of 10
  • CVE-2026-10073 · High · May 29, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    DreamMaker developed by Interinfo has an Arbitrary File Read vulnerability, allowing unauthenticated local attackers to exploit Relative Path Traversal to download arbitrary system files.

  • CVE-2025-41271 · High · May 29, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to read arbitrary files from the device.

  • CVE-2026-8361 · High · May 27, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    A path traversal vulnerability exists in WOSDefaultHttpModule.dll when processing a URL path starting with /woshome.

  • CVE-2026-43533 · High · May 5, 2026
    risk 0.49 · cvss 8.6 · epss 0.00

    OpenClaw before 2026.4.10 contains an arbitrary file read vulnerability in QQBot media tags that allows attackers to reference host-local paths outside the intended media storage boundary. Attackers can craft malicious reply text containing media tags to disclose arbitrary local…

  • CVE-2026-30345 · High · Mar 18, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    A zip slip vulnerability in the Admin import functionality of CTFd v3.8.1-18-gdb5a18c4 allows attackers to write arbitrary files outside the intended directories via supplying a crafted import.

  • CVE-2025-12097 · High · Dec 4, 2025
    risk 0.49 · cvss 7.5 · epss 0.01

    There is a relative path traversal vulnerability in the NI System Web Server that may result in information disclosure. Successful exploitation requires an attacker to send a specially crafted request to the NI System Web Server, allowing the attacker to read arbitrary files.…

  • CVE-2025-13161 · High · Nov 14, 2025
    risk 0.49 · cvss 7.5 · epss 0.00

    IQ-Support developed by IQ Service International has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.

  • CVE-2025-58429 · High · Oct 23, 2025
    risk 0.49 · cvss 7.5 · epss 0.01

    A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine.

  • CVE-2025-58078 · High · Oct 23, 2025
    risk 0.49 · cvss 7.5 · epss 0.01

    A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and write files with arbitrary data on the target…

  • CVE-2025-11898 · High · Oct 17, 2025
    risk 0.49 · cvss 7.5 · epss 0.01

    Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.

  • CVE-2025-59835 · High · Oct 2, 2025
    risk 0.49 · cvss · epss 0.00

    LangBot is a global IM bot platform designed for LLMs. In versions 4.1.0 up to but not including 4.3.5, authorized attackers can exploit the /api/v1/files/documents interface to perform arbitrary file uploads. Since this interface does not strictly restrict the storage directory…

  • CVE-2025-9639 · High · Aug 29, 2025
    risk 0.49 · cvss 7.5 · epss 0.01

    The QbiCRMGateway developed by Ai3 has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.

  • CVE-2025-7146 · High · Jul 8, 2025
    risk 0.49 · cvss 7.5 · epss 0.01

    The iPublish System developed by Jhenggao has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to read arbitrary system files.

  • CVE-2025-47445 · High · May 14, 2025
    risk 0.49 · cvss 7.5 · epss 0.05

    Relative Path Traversal vulnerability in Arraytics Eventin (wp-event-solution) allows Path Traversal. This issue affects Eventin: from n/a through <= 4.0.26.

  • CVE-2024-9363 · High · Mar 20, 2025
    risk 0.49 · cvss 7.5 · epss 0.01

    An unauthorized file deletion vulnerability exists in the latest version of the Polyaxon platform, which can lead to denial of service by terminating critical containers. An attacker can delete important files within the containers, such as `polyaxon.sock`, causing the API…

  • CVE-2025-25130 · High · Mar 3, 2025
    risk 0.49 · cvss 7.5 · epss 0.00

    Relative Path Traversal vulnerability in Shah Alom Delete Comments By Status (delete-comments-by-status) allows Path Traversal. This issue affects Delete Comments By Status: from n/a through <= 2.1.1.

  • CVE-2024-50453 · High · Oct 28, 2024
    risk 0.49 · cvss 7.5 · epss 0.01

    Relative Path Traversal vulnerability in webangon The Pack Elementor addons (the-pack-addon) allows PHP Local File Inclusion. This issue affects The Pack Elementor addons: from n/a through <= 2.0.9.

  • CVE-2024-6433 · High · Jul 10, 2024
    risk 0.49 · cvss 7.5 · epss 0.01

    The application zips all the files in the folder specified by the user, which allows an attacker to read arbitrary files on the system by providing a crafted path. This vulnerability can be exploited by sending a request to the application with a malicious snapshot_path…

  • CVE-2023-3940 · High · May 21, 2024
    risk 0.49 · cvss 7.5 · epss 0.01

    Relative Path Traversal vulnerability in ZkTeco-based OEM devices allows an attacker to access any file on the system. This issue affects ZkTeco-based OEM devices (ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME and possibly others) with the…

  • CVE-2024-0335 · High · Apr 3, 2024
    risk 0.49 · cvss 7.5 · epss 0.01

    ABB has internally identified a vulnerability in the ABB VPNI feature of the S+ Control API component, which may be used by several Symphony Plus products (e.g., S+ Operations, S+ Engineering and S+ Analyst). This issue affects Symphony Plus S+ Operations: from 3..0;0 through…