VYPR

CWE-35

Path Traversal: '.../...//'

Variant · Incomplete

Description

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (119)

page 1 of 6
  • CVE-2026-6074 · Critical · Apr 23, 2026
    risk 0.64 · cvss 9.8 · epss 0.01

    Intrado 911 Emergency Gateway (EGW) 5.x, 6.x, and 7.x contain a path traversal vulnerability in the download_debuglog_file.php endpoint used for Debug Logs downloads. An unauthenticated attacker can manipulate the name parameter to read arbitrary files outside the intended…

  • CVE-2025-59793 · Critical · Feb 17, 2026
    risk 0.64 · cvss 9.9 · epss 0.01

    Rocket TRUfusion Enterprise through 7.10.5 exposes the endpoint at /axis2/services/WsPortalV6UpDwAxis2Impl to authenticated users to be able to upload files. However, the application doesn't properly sanitize the jobDirectory parameter, which allows path traversal sequences to…

  • CVE-2025-41723 · Critical · Oct 22, 2025
    risk 0.64 · cvss 9.8 · epss 0.01

    The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated remote attacker can bypass the path restriction and upload files to arbitrary locations.

  • CVE-2025-42937 · Critical · Oct 14, 2025
    risk 0.64 · cvss 9.8 · epss 0.01

    SAP Print Service (SAPSprint) performs insufficient validation of path information provided by users. An unauthenticated attacker could traverse to the parent directory and overwrite system files, causing high impact on confidentiality, integrity and availability of the…

  • CVE-2018-3744 · Critical · May 29, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    The html-pages node module contains a path traversal vulnerability that allows an attacker to read any file from the server with cURL.

  • CVE-2026-52703 · Critical · Jun 15, 2026
    risk 0.62 · cvss 9.6 · epss 0.00

    Unauthenticated Path Traversal in FastDup <= 2.7.2 versions.

  • CVE-2025-53417 · Critical · Aug 5, 2025
    risk 0.61 · cvss · epss 0.11

    DIAView (v4.2.0 and prior) - Directory Traversal Information Disclosure Vulnerability

  • CVE-2025-5598 · Critical · Jun 4, 2025
    risk 0.60 · cvss · epss 0.00

    Path Traversal vulnerability in WF Steuerungstechnik GmbH airleader MASTER allows Retrieve Embedded Sensitive Data. This issue affects airleader MASTER: 3.0046.

  • CVE-2024-56045 · Critical · Dec 31, 2024
    risk 0.60 · cvss 9.3 · epss 0.01

    Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS wplms_plugin allows Path Traversal. This issue affects WPLMS: from n/a through < 1.9.9.5.

  • CVE-2026-40128 · Critical · Jun 9, 2026
    risk 0.59 · cvss 9.0 · epss 0.00

    SAP NetWeaver Application Server Java (Web Container) allows an unauthenticated attacker to craft a malicious HTTP logon request that manipulates file inclusion parameters, enabling path traversal and processing of the included file. Processing the included file could allow the…

  • CVE-2026-7302 · Critical · May 18, 2026
    risk 0.59 · cvss 9.1 · epss 0.00

    SGLang's multimodal generation runtime is vulnerable to an unauthenticated path traversal vulnerability, allowing an attacker to write arbitrary files anywhere the server process has write access, by including ../ sequences in the upload filename when sent to specific endpoints.

  • CVE-2026-42661 · High · Jun 15, 2026
    risk 0.57 · cvss 8.8 · epss 0.00

    Custom role Path Traversal in WP Customer Area <= 8.3.4 versions.

  • CVE-2026-45661 · Critical · May 29, 2026
    risk 0.57 · cvss 9.9 · epss 0.01

    Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.26.5 and earlier, a critical path traversal vulnerability exists in Dokploy v0.26.5 that allows authenticated users to write arbitrary files to the filesystem during application deployment. When combined with…

  • CVE-2026-45495 · High · May 18, 2026
    risk 0.57 · cvss 8.8 · epss 0.01

    Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

  • CVE-2026-42930 · High · May 13, 2026
    risk 0.57 · cvss 8.7 · epss 0.00

    When running in Appliance mode, an authenticated attacker assigned the 'Administrator' role may be able to bypass Appliance mode restrictions on a BIG-IP system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

  • CVE-2026-20034 · High · May 6, 2026
    risk 0.57 · cvss 8.8 · epss 0.01

    A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could…

  • CVE-2025-59099 · High · Jan 26, 2026
    risk 0.57 · cvss · epss 0.01

    The Access Manager is using the open source web server CompactWebServer written in C#. This web server is affected by a path traversal vulnerability, which allows an attacker to directly access files via simple GET requests without prior authentication. Hence, it is possible…

  • CVE-2025-53880 · High · Oct 30, 2025
    risk 0.57 · cvss · epss 0.00

    A Path Traversal vulnerability in the tftpsync/add and tftpsync/delete scripts allows a remote attacker on an adjacent network to write or delete files on the filesystem with the privileges of the unprivileged wwwrun user. Although the endpoint is unauthenticated, access is…

  • CVE-2025-47649 · High · May 7, 2025
    risk 0.57 · cvss 8.8 · epss 0.00

    Path Traversal: '.../...//' vulnerability in StackWC Open Close WooCommerce Store woc-open-close allows PHP Local File Inclusion. This issue affects Open Close WooCommerce Store: from n/a through <= 4.9.9.

  • CVE-2024-49249 · High · Jan 7, 2025
    risk 0.56 · cvss 8.6 · epss 0.01

    Path Traversal: '.../...//' vulnerability in SMSA Express SMSA Shipping smsa-shipping-official allows Path Traversal. This issue affects SMSA Shipping: from n/a through <= 2.3.