Total
7001 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-26111 | 2 \@nubosoftware\/node-static Project, Node-static Project | 2 \@nubosoftware\/node-static, Node-static | 2025-03-05 | 7.5 High |
| All versions of the package @nubosoftware/node-static; all versions of the package node-static are vulnerable to Directory Traversal due to improper file path sanitization in the startsWith() method in the servePath function. | ||||
| CVE-2017-20181 | 1 Vocable Trainer Project | 1 Vocable Trainer | 2025-03-05 | 5.3 Medium |
| A vulnerability classified as critical was found in hgzojer Vocable Trainer up to 1.3.0 on Android. This vulnerability affects unknown code of the file src/at/hgz/vocabletrainer/VocableTrainerProvider.java. The manipulation leads to path traversal. Attacking locally is a requirement. Upgrading to version 1.3.1 is able to address this issue. The name of the patch is accf6838078f8eb105cfc7865aba5c705fb68426. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-222328. | ||||
| CVE-2023-1112 | 1 Codedropz | 1 Drag And Drop Multiple File Upload - Contact Form 7 | 2025-03-05 | 4.7 Medium |
| A vulnerability was found in Drag and Drop Multiple File Upload Contact Form 7 5.0.6.1 on WordPress. It has been classified as critical. Affected is an unknown function of the file admin-ajax.php. The manipulation of the argument upload_name leads to relative path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222072. | ||||
| CVE-2023-26361 | 1 Adobe | 1 Coldfusion | 2025-03-05 | 4.9 Medium |
| Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in Arbitrary file system read. Exploitation of this issue does not require user interaction, but does require administrator privileges. | ||||
| CVE-2023-2913 | 1 Rockwellautomation | 1 Thinmanager | 2025-03-05 | 7.5 High |
| An executable used in Rockwell Automation ThinManager ThinServer can be configured to enable an API feature in the HTTPS Server Settings. This feature is disabled by default. When the API is enabled and handling requests, a path traversal vulnerability exists that allows a remote actor to leverage the privileges of the server’s file system and read arbitrary files stored in it. A malicious user could exploit this vulnerability by executing a path that contains manipulating variables. | ||||
| CVE-2025-23416 | 2025-03-05 | 4.9 Medium | ||
| Path traversal may lead to arbitrary file deletion. The score without least privilege principle violation is as calculated below. In combination with other issues it may facilitate further compromise of the device. Remediation in Version 6.8.0, release date: 01-Mar-25. | ||||
| CVE-2025-24494 | 2025-03-05 | 7.2 High | ||
| Path traversal may allow remote code execution using privileged account (requires device admin account, cannot be performed by a regular user). In combination with the 'Upload' functionality this could be used to execute an arbitrary script or possibly an uploaded binary. Remediation in Version 6.7.0, release date: 20-Oct-24. | ||||
| CVE-2024-53676 | 1 Hpe | 1 Insight Remote Support | 2025-03-05 | 9.8 Critical |
| A directory traversal vulnerability in Hewlett Packard Enterprise Insight Remote Support may allow remote code execution. | ||||
| CVE-2024-39903 | 1 Widgetti | 1 Solara | 2025-03-05 | 8.6 High |
| Solara is a pure Python, React-style framework for scaling Jupyter and web apps. A Local File Inclusion (LFI) vulnerability was identified in widgetti/solara, in version <1.35.1, which was fixed in version 1.35.1. This vulnerability arises from the application's failure to properly validate URI fragments for directory traversal sequences such as '../' when serving static files. An attacker can exploit this flaw by manipulating the fragment part of the URI to read arbitrary files on the local file system. | ||||
| CVE-2024-13471 | 2025-03-05 | 7.5 High | ||
| The DesignThemes Core Features plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the dt_process_imported_file function in all versions up to, and including, 4.7. This makes it possible for unauthenticated attackers to read arbitrary files on the underlying operating system. | ||||
| CVE-2021-33353 | 1 Wyomind | 1 Help Desk | 2025-03-04 | 9.8 Critical |
| Directory Traversal vulnerability in Wyomind Help Desk Magento 2 extension v.1.3.6 and before fixed in v.1.3.7 allows attacker to execute arbitrary code via the file attachment directory setting. | ||||
| CVE-2025-27413 | 2025-03-04 | 6.5 Medium | ||
| PwnDoc is a penetration test reporting application. Prior to version 1.2.0, the backup restore functionality allows an administrator to import raw data into the database, including Path Traversal (`../`) sequences. This is problematic for the template update functionality as it uses the path from the database to write arbitrary content to, potentially overwriting source code to achieve Remote Code Execution. Any user with the `backups:create`, `backups:update` and `templates:update` permissions (only administrators by default) can write arbitrary content to anywhere on the filesystem. By overwriting source code, it is possible to achieve Remote Code Execution. Version 1.2.0 fixes the issue. | ||||
| CVE-2025-27410 | 2025-03-04 | 6.5 Medium | ||
| PwnDoc is a penetration test reporting application. Prior to version 1.2.0, the backup restore functionality is vulnerable to path traversal in the TAR entry's name, allowing an attacker to overwrite any file on the system with their content. By overwriting an included `.js` file and restarting the container, this allows for Remote Code Execution as an administrator. The remote code execution occurs because any user with the `backups:create` and `backups:update` (only administrators by default) is able to overwrite any file on the system. Version 1.2.0 fixes the issue. | ||||
| CVE-2025-27590 | 2025-03-04 | 9 Critical | ||
| In oxidized-web (aka Oxidized Web) before 0.15.0, the RANCID migration page allows an unauthenticated user to gain control over the Linux user account that is running oxidized-web. | ||||
| CVE-2023-47803 | 1 Synology | 4 Bc500, Bc500 Firmware, Tc500 and 1 more | 2025-03-04 | 5.3 Medium |
| A vulnerability regarding improper limitation of a pathname to a restricted directory ('Path Traversal') is found in the Language Settings functionality. This allows remote attackers to read specific files containing non-sensitive information via unspecified vectors. The following models with Synology Camera Firmware versions before 1.0.7-0298 may be affected: BC500 and TC500. | ||||
| CVE-2025-25759 | 2025-03-04 | 7.5 High | ||
| An issue in the component admin_template.php of SUCMS v1.0 allows attackers to execute a directory traversal and arbitrary file deletion via a crafted GET request. | ||||
| CVE-2024-4885 | 1 Progress | 1 Whatsup Gold | 2025-03-04 | 9.8 Critical |
| In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold. The WhatsUp.ExportUtilities.Export.GetFileWithoutZip allows execution of commands with iisapppool\nmconsole privileges. | ||||
| CVE-2024-13910 | 2025-03-03 | 7.2 High | ||
| The Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'database_backup_ajax_delete' function in all versions up to, and including, 2.35. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). The vulnerability was partially patched in version 2.36. | ||||
| CVE-2023-29004 | 1 Roxy-wi | 1 Roxy-wi | 2025-03-03 | 6.5 Medium |
| hap-wi/roxy-wi is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. A Path Traversal vulnerability was found in the current version of Roxy-WI (6.3.9.0 at the moment of writing this report). The vulnerability can be exploited via an HTTP request to /app/options.py and the config_file_name parameter. Successful exploitation of this vulnerability could allow an attacker with user level privileges to obtain the content of arbitrary files on the file server within the scope of what the server process has access to. The root-cause of the vulnerability lies in the get_config function of the /app/modules/config/config.py file, which only checks for relative path traversal, but still allows to read files from absolute locations passed via the config_file_name parameter. | ||||
| CVE-2025-25162 | 2025-03-03 | 7.5 High | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NotFound Sports Rankings and Lists allows Absolute Path Traversal. This issue affects Sports Rankings and Lists: from n/a through 1.0.2. | ||||