CWE-35
Path Traversal: '.../...//'
Abstraction: Variant. Status: Incomplete.
Description
The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory.
Hierarchy (View 1000)
Parents
Children
none
CVEs mapped to this weakness (96)
page 4 of 5

| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-0205 | Med | 0.44 | 6.8 | 0.00 | | Apr 29, 2026 | A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services. |
| CVE-2025-20313 | Med | 0.44 | 6.7 | 0.00 | | Sep 24, 2025 | Multiple vulnerabilities in Cisco IOS XE Software could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. These vulnerabilities are due to path traversal and improper image integrity validation. A successful exploit could allow the attacker to execute persistent code on the underlying operating system. Because this allows the attacker to bypass a major security feature of the device, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High. For more information about these vulnerabilities, see the Details section of this advisory. ERP |
| CVE-2025-24908 | Med | 0.44 | 6.8 | 0.00 | | Apr 16, 2025 | Overview: The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory. (CWE-35) Description: Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.2, including 9.3.x and 8.3.x, do not sanitize a user input used as a file path through the UploadFile service. Impact: This allows attackers to traverse the file system to access files or directories that are outside of the restricted directory. |
| CVE-2025-24907 | Med | 0.44 | 6.8 | 0.00 | | Apr 16, 2025 | Overview: The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory. (CWE-35) Description: Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.2, including 9.3.x and 8.3.x, do not sanitize a user input used as a file path through the CGG Draw API. Impact: This allows attackers to traverse the file system to access files or directories that are outside of the restricted directory. |
| CVE-2025-26876 | Med | 0.44 | 6.8 | 0.00 | | Feb 25, 2025 | Path Traversal: '.../...//' vulnerability in CodeManas Search with Typesense search-with-typesense allows Path Traversal. This issue affects Search with Typesense: from n/a through <= 2.0.8. |
| CVE-2024-5481 | Med | 0.44 | 6.8 | 0.02 | | Jun 7, 2024 | The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.8.23 via the esc_dir function. This makes it possible for authenticated attackers to cut and paste (copy) the contents of arbitrary files on the server, which can contain sensitive information, and to cut (delete) arbitrary directories, including the root WordPress directory. By default this can be exploited by administrators only. In the premium version of the plugin, administrators can give gallery edit permissions to lower level users, which might make this exploitable by users as low as contributors. |
| CVE-2024-2654 | Med | 0.44 | 6.8 | 0.02 | | Apr 9, 2024 | The File Manager plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 7.2.5 via the fm_download_backup function. This makes it possible for authenticated attackers, with administrator access and above, to read the contents of arbitrary zip files on the server, which can contain sensitive information. |
| CVE-2024-49770 | High | 0.43 | — | 0.00 | | Nov 1, 2024 | `oak` is a middleware framework for Deno's native HTTP server, Deno Deploy, Node.js 16.5 and later, Cloudflare Workers and Bun. By default `oak` does not allow transferring of hidden files with the `Context.send` API. However, prior to version 17.1.3, this can be bypassed by encoding `/` as its URL encoded form `%2F`. For an attacker this has potential to read sensitive user data or to gain access to server secrets. Version 17.1.3 fixes the issue. |
| CVE-2025-46256 | Med | 0.42 | 6.4 | 0.00 | | Jan 7, 2026 | Path Traversal: '.../...//' vulnerability in SigmaPlugin Advanced Database Cleaner PRO allows Path Traversal. This issue affects Advanced Database Cleaner PRO: from n/a through 3.2.10. |
| CVE-2025-28973 | Med | 0.42 | 6.5 | 0.00 | | Dec 31, 2025 | Path Traversal: '.../...//' vulnerability in AA-Team Pro Bulk Watermark Plugin for WordPress pro-watermark allows Path Traversal. This issue affects Pro Bulk Watermark Plugin for WordPress: from n/a through <= 2.0. |
| CVE-2025-53561 | Med | 0.42 | 6.5 | 0.00 | | Aug 20, 2025 | Path Traversal: '.../...//' vulnerability in miniOrange Prevent files / folders access prevent-file-access allows Path Traversal. This issue affects Prevent files / folders access: from n/a through <= 2.6.0. |
| CVE-2024-56213 | Med | 0.42 | 6.5 | 0.01 | | Dec 31, 2024 | Path Traversal: '.../...//' vulnerability in Arraytics Eventin wp-event-solution allows Path Traversal. This issue affects Eventin: from n/a through <= 4.0.7. |
| CVE-2024-54313 | Med | 0.42 | 6.5 | 0.01 | | Dec 13, 2024 | Path Traversal vulnerability in FULL. FULL Customer allows Path Traversal. This issue affects FULL Customer: from n/a through 3.1.25. |
| CVE-2024-41972 | Med | 0.42 | 6.5 | 0.00 | | Nov 18, 2024 | A low privileged remote attacker can overwrite an arbitrary file on the filesystem which may lead to an arbitrary file read with root privileges. |
| CVE-2024-49258 | Med | 0.42 | 6.5 | 0.02 | | Oct 16, 2024 | Path Traversal: '.../...//' vulnerability in Limbcode WordPress Gallery Plugin – Limb Image Gallery limb-gallery. This issue affects WordPress Gallery Plugin – Limb Image Gallery: from n/a through <= 1.5.7. |
| CVE-2024-38706 | Med | 0.42 | 6.5 | 0.01 | | Jul 12, 2024 | Path Traversal: '.../...//' vulnerability in DevItems HT Mega ht-mega-for-elementor. This issue affects HT Mega: from n/a through <= 2.5.7. |
| CVE-2025-26940 | Med | 0.41 | 6.3 | 0.00 | | Mar 15, 2025 | Path Traversal vulnerability in NotFound Pie Register Premium. This issue affects Pie Register Premium: from n/a through 3.8.3.2. |
| CVE-2025-0858 | Med | 0.38 | — | 0.00 | | Feb 5, 2025 | A vulnerability was discovered in the firmware builds up to 8.2.1.0820 in certain Poly devices. The firmware flaw does not properly prevent path traversal and could lead to information disclosure. |
| CVE-2024-7608 | Med | 0.38 | 5.9 | 0.01 | | Aug 27, 2024 | An authenticated user can access the restricted files from NX, EX, FX, AX, IVX and CMS using path traversal. |
| CVE-2025-66004 | Med | 0.37 | 5.7 | 0.00 | | Dec 10, 2025 | A Path Traversal vulnerability in usbmuxd allows local users to escalate to the service user. This issue affects usbmuxd: before 3ded00c9985a5108cfc7591a309f9a23d57a8cba. |