CWE-35
Path Traversal: '.../...//'
Abstraction: Variant
Status: Incomplete
Description
The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory.
Hierarchy (View 1000)
Parents
Children
none
CVEs mapped to this weakness (96)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-52805 | High | 0.49 | 7.5 | 0.00 | | Jul 4, 2025 | Path Traversal: '.../...//' vulnerability in VaultDweller Leyka leyka allows PHP Local File Inclusion. This issue affects Leyka: from n/a through <= 3.32.1. |
| CVE-2025-49451 | High | 0.49 | 7.5 | 0.01 | | Jun 17, 2025 | Path Traversal: '.../...//' vulnerability in yannisraft Aeroscroll Gallery – Infinite Scroll Image Gallery & Post Grid with Photo Gallery aeroscroll-gallery allows Path Traversal. This issue affects Aeroscroll Gallery – Infinite Scroll Image Gallery & Post Grid with Photo Gallery: from n/a through <= 1.0.13. |
| CVE-2025-39492 | High | 0.49 | 7.5 | 0.00 | | May 16, 2025 | Path Traversal vulnerability in WHMPress WHMpress allows Relative Path Traversal. This issue affects WHMpress: from 6.2 through revision. |
| CVE-2025-47636 | High | 0.49 | 7.5 | 0.00 | | May 7, 2025 | Path Traversal: '.../...//' vulnerability in Fernando Briano List category posts list-category-posts allows PHP Local File Inclusion. This issue affects List category posts: from n/a through <= 0.91.0. |
| CVE-2025-32585 | High | 0.49 | 7.5 | 0.00 | | Apr 11, 2025 | Path Traversal: '.../...//' vulnerability in Trusty Plugins Shop Products Filter trusty-woo-products-filter allows PHP Local File Inclusion. This issue affects Shop Products Filter: from n/a through <= 1.2. |
| CVE-2025-30834 | High | 0.49 | 7.5 | 0.01 | | Apr 1, 2025 | Path Traversal: '.../...//' vulnerability in Bit Apps Bit Assist bit-assist allows Path Traversal. This issue affects Bit Assist: from n/a through <= 1.5.4. |
| CVE-2025-26935 | High | 0.49 | 7.5 | 0.00 | | Feb 25, 2025 | Path Traversal: '.../...//' vulnerability in wpjobportal WP Job Portal wp-job-portal allows PHP Local File Inclusion. This issue affects WP Job Portal: from n/a through <= 2.2.8. |
| CVE-2025-22786 | High | 0.49 | 7.5 | 0.00 | | Jan 15, 2025 | Path Traversal: '.../...//' vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows PHP Local File Inclusion. This issue affects ElementInvader Addons for Elementor: from n/a through <= 1.2.6. |
| CVE-2024-21575 | High | 0.49 | 8.6 | 0.01 | | Dec 12, 2024 | ComfyUI-Impact-Pack is vulnerable to Path Traversal. The issue stems from missing validation of the `image.filename` field in a POST request sent to the `/upload/temp` endpoint added by the extension to the server. This results in writing arbitrary files to the file system which may, under some conditions, result in remote code execution (RCE). |
| CVE-2024-52498 | High | 0.49 | 7.5 | 0.00 | | Nov 28, 2024 | Path Traversal: '.../...//' vulnerability in softpulseinfotech SP Blog Designer sp-blog-designer allows PHP Local File Inclusion. This issue affects SP Blog Designer: from n/a through <= 1.0.0. |
| CVE-2024-50054 | High | 0.49 | 7.5 | 0.00 | | Nov 22, 2024 | The back-end does not sufficiently verify the user-controlled filename parameter, which makes it possible for an attacker to perform a path traversal attack and retrieve arbitrary files from the file system. |
| CVE-2024-51582 | High | 0.49 | 7.5 | 0.02 | | Nov 4, 2024 | Path Traversal: '.../...//' vulnerability in ThimPress WP Hotel Booking wp-hotel-booking allows PHP Local File Inclusion. This issue affects WP Hotel Booking: from n/a through <= 2.2.9. |
| CVE-2024-45248 | High | 0.49 | 7.5 | 0.00 | | Oct 6, 2024 | Multi-DNC – CWE-35: Path Traversal: '.../...//' |
| CVE-2024-47324 | High | 0.49 | 7.5 | 0.01 | | Oct 5, 2024 | Path Traversal: '.../...//' vulnerability in Ex-Themes WP Timeline – Vertical and Horizontal timeline plugin wp-timelines. This issue affects WP Timeline – Vertical and Horizontal timeline plugin: from n/a through <= 3.6.7. |
| CVE-2025-58972 | High | 0.47 | 7.2 | 0.00 | | Nov 6, 2025 | Path Traversal: '.../...//' vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Path Traversal. This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through <= 1.10.4. |
| CVE-2023-7263 | High | 0.47 | 7.3 | 0.00 | | Dec 28, 2024 | Some Huawei home music system products have a path traversal vulnerability. Successful exploitation of this vulnerability may cause unauthorized file deletion or file permission change. (Vulnerability ID: HWPSIRT-2023-53450) This vulnerability has been assigned a CVE ID: CVE-2023-7263. |
| CVE-2024-27901 | High | 0.47 | 7.2 | 0.00 | | Apr 9, 2024 | SAP Asset Accounting could allow a high-privileged attacker to exploit insufficient validation of path information provided by users and pass it through to the file APIs, causing a considerable impact on the confidentiality, integrity and availability of the application. |
| CVE-2026-24464 | Medium | 0.44 | 6.8 | 0.00 | | May 13, 2026 | When running in Appliance mode, a directory traversal vulnerability exists in an undisclosed iControl REST endpoint that may allow an authenticated attacker with administrator role privileges to cross a security boundary and delete files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
| CVE-2026-0804 | Medium | 0.44 | 6.7 | 0.00 | | May 12, 2026 | An ACAP configuration file lacked sufficient input validation, which could allow a path traversal attack leading to potential privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application. |
| CVE-2026-42274 | High | 0.44 | — | 0.00 | | May 8, 2026 | Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. Prior to version 0.17.14, Heimdall performs rule matching on the raw (non-normalized) request path, while downstream components may normalize dot-segments according to RFC 3986, Section 6.2.2.3. This discrepancy can result in Heimdall authorizing a request for one path (e.g., /user/../admin, or URL-encoded variants such as /user/%2e%2e/admin or /user/%2e%2e%2fadmin; the latter would require the allow_encoded_slashes option to be set to on or no_decode) while the downstream ultimately processes a different, normalized path (/admin). This issue has been patched in version 0.17.14. |