Total
7259 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-33869 | 1 Artifex | 1 Ghostscript | 2025-04-16 | N/A | 5.3 MEDIUM |
| An issue was discovered in Artifex Ghostscript before 10.03.1. Path traversal and command execution can occur (via a crafted PostScript document) because of path reduction in base/gpmisc.c. For example, restrictions on use of %pipe% can be bypassed via the aa/../%pipe%command# output filename. | |||||
| CVE-2024-33870 | 1 Artifex | 1 Ghostscript | 2025-04-16 | N/A | 6.3 MEDIUM |
| An issue was discovered in Artifex Ghostscript before 10.03.1. There is path traversal (via a crafted PostScript document) to arbitrary files if the current directory is in the permitted paths. For example, there can be a transformation of ../../foo to ./../../foo and this will grant access if ./ is permitted. | |||||
| CVE-2024-46375 | 1 Mayurik | 1 Best House Rental Management System | 2025-04-16 | N/A | 9.8 CRITICAL |
| Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the signup() function of the file rental/admin_class.php. | |||||
| CVE-2024-46376 | 1 Mayurik | 1 Best House Rental Management System | 2025-04-16 | N/A | 9.8 CRITICAL |
| Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the update_account() function of the file rental/admin_class.php. | |||||
| CVE-2024-33350 | 1 Taogogo | 1 Taocms | 2025-04-16 | N/A | 9.8 CRITICAL |
| Directory Traversal vulnerability in TaoCMS v.3.0.2 allows a remote attacker to execute arbitrary code and obtain sensitive information via the include/model/file.php component. | |||||
| CVE-2024-53961 | 1 Adobe | 1 Coldfusion | 2025-04-16 | N/A | 8.1 HIGH |
| ColdFusion versions 2023.11, 2021.17 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access files or directories that are outside of the restricted directory set by the application. This could lead to the disclosure of sensitive information or the manipulation of system data. Exploitation of this issue requires the admin panel be exposed to the internet. | |||||
| CVE-2025-27410 | 1 Pwndoc Project | 1 Pwndoc | 2025-04-16 | N/A | 6.5 MEDIUM |
| PwnDoc is a penetration test reporting application. Prior to version 1.2.0, the backup restore functionality is vulnerable to path traversal in the TAR entry's name, allowing an attacker to overwrite any file on the system with their content. By overwriting an included `.js` file and restarting the container, this allows for Remote Code Execution as an administrator. The remote code execution occurs because any user with the `backups:create` and `backups:update` (only administrators by default) is able to overwrite any file on the system. Version 1.2.0 fixes the issue. | |||||
| CVE-2023-46988 | 2025-04-15 | N/A | 6.7 MEDIUM | ||
| Path Traversal vulnerability in ONLYOFFICE Document Server before v8.0.1 allows a remote attacker to copy arbitrary files by manipulating the fileExt parameter in the /example/editor endpoint, leading to unauthorized access to sensitive files and potential Denial of Service (DoS). | |||||
| CVE-2025-27413 | 1 Pwndoc Project | 1 Pwndoc | 2025-04-15 | N/A | 6.5 MEDIUM |
| PwnDoc is a penetration test reporting application. Prior to version 1.2.0, the backup restore functionality allows an administrator to import raw data into the database, including Path Traversal (`../`) sequences. This is problematic for the template update functionality as it uses the path from the database to write arbitrary content to, potentially overwriting source code to achieve Remote Code Execution. Any user with the `backups:create`, `backups:update` and `templates:update` permissions (only administrators by default) can write arbitrary content to anywhere on the filesystem. By overwriting source code, it is possible to achieve Remote Code Execution. Version 1.2.0 fixes the issue. | |||||
| CVE-2023-47279 | 1 Deltaww | 1 Infrasuite Device Master | 2025-04-15 | N/A | 7.5 HIGH |
| In Delta Electronics InfraSuite Device Master v.1.0.7, A vulnerability exists that allows an unauthenticated attacker to disclose user information through a single UDP packet, obtain plaintext credentials, or perform NTLM relaying. | |||||
| CVE-2025-3562 | 2025-04-15 | 4.0 MEDIUM | 4.3 MEDIUM | ||
| A vulnerability was found in Yonyou YonBIP MA2.7. It has been declared as problematic. Affected by this vulnerability is the function FileInputStream of the file /mobsm/common/userfile. The manipulation of the argument path leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-3547 | 2025-04-15 | 6.5 MEDIUM | 6.3 MEDIUM | ||
| A vulnerability classified as critical was found in frdel Agent-Zero 0.8.1.2. This vulnerability affects unknown code of the file /get_work_dir_files. The manipulation of the argument path leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-3445 | 2025-04-15 | N/A | 8.1 HIGH | ||
| A Path Traversal "Zip Slip" vulnerability has been identified in mholt/archiver in Go. This vulnerability allows using a crafted ZIP file containing path traversal symlinks to create or overwrite files with the user's privileges or application utilizing the library. When using the archiver.Unarchive functionality with ZIP files, like this: archiver.Unarchive(zipFile, outputDir), A crafted ZIP file can be extracted in such a way that it writes files to the affected system with the same privileges as the application executing this vulnerable functionality. Consequently, sensitive files may be overwritten, potentially leading to privilege escalation, code execution, and other severe outcomes in some cases. It's worth noting that a similar vulnerability was found in TAR files (CVE-2024-0406). Although a fix was implemented, it hasn't been officially released, and the affected project has since been deprecated. The successor to mholt/archiver is a new project called mholt/archives, and its initial release (v0.1.0) removes the Unarchive() functionality. | |||||
| CVE-2025-32779 | 2025-04-15 | N/A | 6.5 MEDIUM | ||
| E.D.D.I (Enhanced Dialog Driven Interface) is a middleware to connect and manage LLM API bots. In versions before 5.5.0, an attacker with access to the `/backup/import` API endpoint can write arbitrary files to locations outside the intended extraction directory due to a Zip Slip vulnerability. Although the application runs as a non-root user (`185`), limiting direct impact on system-level files, this vulnerability can still be exploited to overwrite application files (e.g., JAR libraries) owned by the application user. This overwrite can potentially lead to Remote Code Execution (RCE) within the application's context. This issue has been patched in version 5.5.0. | |||||
| CVE-2025-32943 | 2025-04-15 | N/A | 3.7 LOW | ||
| The vulnerability allows any authenticated user to leak the contents of arbitrary “.m3u8” files from the PeerTube server due to a path traversal in the HLS endpoint. | |||||
| CVE-2024-37410 | 1 Ideabox | 1 Powerpack For Beaver Builder | 2025-04-15 | N/A | 4.9 MEDIUM |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Beaver Addons PowerPack Lite for Beaver Builder allows Path Traversal.This issue affects PowerPack Lite for Beaver Builder: from n/a through 1.3.0.3. | |||||
| CVE-2022-47945 | 1 Thinkphp | 1 Thinkphp | 2025-04-15 | N/A | 9.8 CRITICAL |
| ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled (lang_switch_on=true). An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php. | |||||
| CVE-2023-0582 | 1 Forgerock | 1 Access Management | 2025-04-14 | N/A | 8.1 HIGH |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ForgeRock Access Management allows Authorization Bypass. This issue affects access management: before 7.3.0, before 7.2.1, before 7.1.4, through 7.0.2. | |||||
| CVE-2023-0511 | 1 Forgerock | 1 Java Policy Agents | 2025-04-14 | N/A | 9.1 CRITICAL |
| Relative Path Traversal vulnerability in ForgeRock Access Management Java Policy Agent allows Authentication Bypass. This issue affects Access Management Java Policy Agent: all versions up to 5.10.1 | |||||
| CVE-2023-0339 | 1 Forgerock | 1 Web Policy Agents | 2025-04-14 | N/A | 9.1 CRITICAL |
| Relative Path Traversal vulnerability in ForgeRock Access Management Web Policy Agent allows Authentication Bypass. This issue affects Access Management Web Policy Agent: all versions up to 5.10.1 | |||||