VYPR

CWE-73

External Control of File Name or Path

Abstraction: Base · Status: Draft · Likelihood: High

Description

The product allows user input to control or influence paths or file names that are used in filesystem operations.

Hierarchy (View 1000)

Children

Related attack patterns (CAPEC)

CAPEC-13 · CAPEC-267 · CAPEC-64 · CAPEC-72 · CAPEC-76 · CAPEC-78 · CAPEC-79 · CAPEC-80

CVEs mapped to this weakness (245)

page 2 of 13
  • CVE-2025-10134 · Critical · Sep 9, 2025
    risk 0.59 · cvss 9.1 · epss 0.01

    The Goza - Nonprofit Charity WordPress Theme theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the alone_import_pack_restore_data() function in all versions up to, and including, 3.2.2. This makes it possible for…

  • CVE-2025-5393 · Critical · Jul 15, 2025
    risk 0.59 · cvss 9.1 · epss 0.01

    The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the alone_import_pack_restore_data() function in all versions up to, and including, 7.8.5. This makes it…

  • CVE-2025-2409 · Critical · May 22, 2025
    risk 0.59 · cvss 9.1 · epss 0.00

    File corruption vulnerabilities in ASPECT provide attackers access to overwrite system files if session administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03.

  • CVE-2025-0851 · Critical · Jan 29, 2025
    risk 0.59 · cvss 9.8 · epss 0.23

    A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library (DJL) on all platforms allows a bad actor to write files to arbitrary locations.

  • CVE-2011-10030 · High · Aug 20, 2025
    risk 0.58 · cvss n/a · epss 0.00

    Foxit PDF Reader < 4.3.1.0218 exposes a JavaScript API function, createDataObject(), that allows untrusted PDF content to write arbitrary files anywhere on disk. By embedding a malicious PDF that calls this API, an attacker can drop executables or scripts into privileged…

  • CVE-2024-12066 · High · Dec 21, 2024
    risk 0.58 · cvss 8.8 · epss 0.01

    The SMSA Shipping(official) plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the smsa_delete_label() function in all versions up to, and including, 2.3. This makes it possible for authenticated attackers, with…

  • CVE-2026-11526 · Critical · Jun 14, 2026
    risk 0.57 · cvss 9.8 · epss 0.01

    GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle. GD::Image::_make_filehandle opens a filename argument with Perl's 2-arg open(), so a filename that begins or ends with a pipe ("| cmd",…

  • CVE-2026-48920 · High · May 27, 2026
    risk 0.57 · cvss 8.8 · epss 0.00

    Jenkins Email Extension Plugin 1933.v45cec755423f and earlier allows inlining images as `base64` in email content by setting the `data-inline` attribute, without restrictions on the image URLs that can be inlined, allowing attackers able to control the email content to specify…

  • CVE-2026-40370 · High · May 12, 2026
    risk 0.57 · cvss 8.8 · epss 0.01

    External control of file name or path in SQL Server allows an authorized attacker to execute code over a network.

  • CVE-2026-44127 · High · May 8, 2026
    risk 0.57 · cvss n/a · epss 0.16

    SEPPmail Secure Email Gateway before version 15.0.4 contains an unauthenticated path traversal vulnerability in the identifier parameter of /api.app/attachment/preview that allows remote attackers to read arbitrary local files and trigger deletion of files in the targeted…

  • CVE-2026-40342 · Critical · Apr 17, 2026
    risk 0.57 · cvss 9.9 · epss 0.01

    Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the external engine plugin loader concatenates a user-supplied engine name into a filesystem path without filtering path separators or .. components. An authenticated…

  • CVE-2025-65115 · High · Apr 7, 2026
    risk 0.57 · cvss 8.8 · epss 0.01

    Remote Code Execution Vulnerability in JP1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management 2 - Operations Director on Windows, Job Management Partner 1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management - Manager on Windows, Job…

  • CVE-2020-37078 · High · Feb 3, 2026
    risk 0.57 · cvss 8.8 · epss 0.00

    i-doit Open Source CMDB 1.14.1 contains a file deletion vulnerability in the import module that allows authenticated attackers to delete arbitrary files by manipulating the delete_import parameter. Attackers can send a POST request to the import module with a crafted filename to…

  • CVE-2021-47871 · High · Jan 21, 2026
    risk 0.57 · cvss 8.8 · epss 0.00

    Hestia Control Panel 1.3.2 contains an arbitrary file write vulnerability that allows authenticated attackers to write files to arbitrary locations using the API index.php endpoint. Attackers can exploit the v-make-tmp-file command to write SSH keys or other content to specific…

  • CVE-2020-36878 · High · Dec 5, 2025
    risk 0.57 · cvss n/a · epss 0.00

    ReQuest Serious Play Media Player 3.0 contains an unauthenticated file disclosure vulnerability when input passed through the 'file' parameter in and script is not properly verified before being used to read web log files. Attackers can exploit this to disclose contents of files…

  • CVE-2025-12529 · High · Dec 2, 2025
    risk 0.57 · cvss 8.8 · epss 0.00

    The Cost Calculator Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteOrdersFiles() function in all versions up to, and including, 3.6.3. This makes it possible for unauthenticated attackers to inject…

  • CVE-2025-6237 · Critical · Sep 18, 2025
    risk 0.57 · cvss 9.8 · epss 0.00

    A vulnerability in invokeai version v6.0.0a1 and below allows attackers to perform path traversal and arbitrary file deletion via the GET /api/v1/images/download/{bulk_download_item_name} endpoint. By manipulating the filename arguments, attackers can read and delete any files…

  • CVE-2025-29866 · High · Aug 7, 2025
    risk 0.57 · cvss n/a · epss 0.00

    External Control of File Name or Path vulnerability in TAGFREE X-Free Uploader XFU allows Parameter Injection. This issue affects X-Free Uploader: from 1.0.1.0084 before 1.0.1.0085, from 2.0.1.0034 before 2.0.1.0035.

  • CVE-2025-49588 · High · Jul 2, 2025
    risk 0.57 · cvss n/a · epss 0.00

    Linkwarden is a self-hosted, open-source collaborative bookmark manager to collect, organize and archive webpages. In version 2.10.2, the server accepts links of the form file:///etc/passwd and does not do any validation before sending them to parsers and playwright; this can…

  • CVE-2026-30284 · High · Mar 31, 2026
    risk 0.56 · cvss 8.6 · epss 0.00

    An arbitrary file overwrite vulnerability in UXGROUP LLC Voice Recorder v10.0 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.