VYPR

CWE-73

External Control of File Name or Path

Base · Draft · Likelihood: High

Description

The product allows user input to control or influence paths or file names that are used in filesystem operations.

Hierarchy (View 1000)

Children

Related attack patterns (CAPEC)

CAPEC-13 · CAPEC-267 · CAPEC-64 · CAPEC-72 · CAPEC-76 · CAPEC-78 · CAPEC-79 · CAPEC-80

CVEs mapped to this weakness (245)

page 3 of 13
  • CVE-2026-30292 · High · Apr 1, 2026
    risk 0.55 · cvss 8.4 · epss 0.00

    An arbitrary file overwrite vulnerability in Docudepot PDF Reader: PDF Viewer APP v1.0.34 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.

  • CVE-2026-30291 · High · Apr 1, 2026
    risk 0.55 · cvss 8.4 · epss 0.00

    An arbitrary file overwrite vulnerability in Ora Tools PDF Reader ' Reader & Editor APP v4.3.5 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.

  • CVE-2026-30289 · High · Apr 1, 2026
    risk 0.55 · cvss 8.4 · epss 0.00

    An arbitrary file overwrite vulnerability in Tinybeans Private Family Album App v5.9.5-prod allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.

  • CVE-2026-30287 · High · Apr 1, 2026
    risk 0.55 · cvss 8.4 · epss 0.00

    An arbitrary file overwrite vulnerability in Deep Thought Industries ACE Scanner PDF Scanner v1.4.5 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.

  • CVE-2024-10210 · High · Mar 25, 2025
    risk 0.55 · cvss · epss 0.00

    An External Control of File Name or Path vulnerability in the APROL Web Portal used in B&R APROL <4.4-005P may allow an authenticated network-based attacker to access data from the file system.

  • CVE-2024-9575 · High · Oct 9, 2024
    risk 0.55 · cvss · epss 0.01

    Local File Inclusion vulnerability in pretix Widget WordPress plugin pretix-widget on Windows allows PHP Local File Inclusion. This issue affects pretix Widget WordPress plugin: from 1.0.0 through 1.0.5.

  • CVE-2026-35080 · High · Jun 3, 2026
    risk 0.53 · cvss 8.1 · epss 0.00

    The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input.

  • CVE-2026-35079 · High · Jun 3, 2026
    risk 0.53 · cvss 8.1 · epss 0.00

    The ugw-restore method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input.

  • CVE-2026-35078 · High · Jun 3, 2026
    risk 0.53 · cvss 8.1 · epss 0.00

    The ugw-logstop method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input.

  • CVE-2026-35077 · High · Jun 3, 2026
    risk 0.53 · cvss 8.1 · epss 0.00

    The ugw-delete-file method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input.

  • CVE-2026-35076 · High · Jun 3, 2026
    risk 0.53 · cvss 8.1 · epss 0.00

    The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input.

  • CVE-2026-46402 · High · May 27, 2026
    risk 0.53 · cvss 8.1 · epss 0.01

    Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO uses the user-controlled task_name value directly when constructing session log paths. An authenticated client can supply path traversal sequences in…

  • CVE-2026-33949 · High · Apr 1, 2026
    risk 0.53 · cvss 8.1 · epss 0.00

    Tina is a headless content management system. Prior to version 2.2.2, a path traversal vulnerability in @tinacms/graphql allows unauthenticated users to write and overwrite arbitrary files within the project root. This is achieved by manipulating the relativePath parameter in…

  • CVE-2025-13322 · High · Nov 21, 2025
    risk 0.53 · cvss 8.1 · epss 0.01

    The WP AUDIO GALLERY plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in all versions up to, and including, 2.0. This is due to the `wpag_uploadaudio_callback()` AJAX handler not properly validating user-supplied file paths…

  • CVE-2025-10494 · High · Oct 8, 2025
    risk 0.53 · cvss 8.1 · epss 0.00

    The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation when deleting profile pictures in all versions up to, and including, 1.4.89. This makes it possible for authenticated…

  • CVE-2025-9048 · High · Aug 23, 2025
    risk 0.53 · cvss 8.1 · epss 0.01

    The Wptobe-memberships plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the del_img_ajax_call() function in all versions up to, and including, 3.4.2. This makes it possible for authenticated attackers, with…

  • CVE-2025-3812 · High · May 17, 2025
    risk 0.53 · cvss 8.1 · epss 0.01

    The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the qcld_openai_delete_training_file() function in all versions up to, and including, 13.6.2. This makes it possible for authenticated…

  • CVE-2024-21545 · High · Sep 25, 2024
    risk 0.53 · cvss 8.2 · epss 0.00

    Proxmox Virtual Environment is an open-source server management platform for enterprise virtualization. Insufficient safeguards against malicious API response values allow authenticated attackers with 'Sys.Audit' or 'VM.Monitor' privileges to download arbitrary host files via…

  • CVE-2026-8450 · Critical · May 27, 2026
    risk 0.52 · cvss 9.1 · epss 0.01

    HTTP::Daemon versions before 6.17 for Perl allow OS command injection via send_file(). send_file() opens its string argument with Perl's 2-arg open(). The 2-arg form interprets magic prefixes: '| cmd' and 'cmd |' open a pipe to a subprocess, '> path' and '>> path' open the path…

  • CVE-2026-30893 · Critical · Apr 29, 2026
    risk 0.52 · cvss 9.0 · epss 0.00

    Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.4.0 to before version 4.14.4, a path traversal vulnerability in Wazuh's cluster synchronization extraction routine allows an authenticated cluster peer to write arbitrary…