Total
101 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-30966 | 2025-04-16 | 5.4 Medium | ||
| Path Traversal vulnerability in NotFound WPJobBoard allows Path Traversal. This issue affects WPJobBoard: from n/a through n/a. | ||||
| CVE-2025-39598 | 2025-04-16 | 4.9 Medium | ||
| Path Traversal vulnerability in Quý Lê 91 Administrator Z allows Path Traversal. This issue affects Administrator Z: from n/a through 2025.03.28. | ||||
| CVE-2025-32585 | 2025-04-11 | 7.5 High | ||
| Path Traversal vulnerability in Trusty Plugins Shop Products Filter allows PHP Local File Inclusion. This issue affects Shop Products Filter: from n/a through 1.2. | ||||
| CVE-2022-36928 | 1 Zoom | 1 Zoom | 2025-04-09 | 6.1 Medium |
| Zoom for Android clients before version 5.13.0 contain a path traversal vulnerability. A third party app could exploit this vulnerability to read and write to the Zoom application data directory. | ||||
| CVE-2025-30014 | 2025-04-08 | 7.7 High | ||
| SAP Capital Yield Tax Management has directory traversal vulnerability due to insufficient path validation. This could allow an attacker with low privileges to read files from directory which they don�t have access to, hence causing a high impact on confidentiality. Integrity and Availability are not affected. | ||||
| CVE-2024-2863 | 1 Lg | 1 Lg Led Assistant | 2025-04-04 | 5.3 Medium |
| This vulnerability allows remote attackers to traverse paths via file upload on the affected LG LED Assistant. | ||||
| CVE-2022-3693 | 1 Fileorbis | 1 Fileorbis | 2025-04-04 | 7.5 High |
| Path Traversal vulnerability in Deytek Informatics FileOrbis File Management System allows Path Traversal.This issue affects FileOrbis File Management System: from unspecified before 10.6.3. | ||||
| CVE-2025-30834 | 2025-04-01 | 7.5 High | ||
| Path Traversal vulnerability in Bit Apps Bit Assist allows Path Traversal. This issue affects Bit Assist: from n/a through 1.5.4. | ||||
| CVE-2024-54362 | 2025-03-28 | 8.1 High | ||
| Path Traversal vulnerability in NotFound GetShop ecommerce allows Path Traversal. This issue affects GetShop ecommerce: from n/a through 1.3. | ||||
| CVE-2025-0858 | 2025-03-27 | N/A | ||
| A vulnerability was discovered in the firmware builds up to 8.2.1.0820 in certain Poly devices. The firmware flaw does not properly prevent path traversal and could lead to information disclosure. | ||||
| CVE-2025-26935 | 1 Wpjobportal | 1 Wp Job Portal | 2025-03-25 | 7.5 High |
| Path Traversal vulnerability in wpjobportal WP Job Portal allows PHP Local File Inclusion. This issue affects WP Job Portal: from n/a through 2.2.8. | ||||
| CVE-2024-2654 | 1 Filemanagerpro | 1 File Manager | 2025-03-24 | 6.8 Medium |
| The File Manager plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 7.2.5 via the fm_download_backup function. This makes it possible for authenticated attackers, with administrator access and above, to read the contents of arbitrary zip files on the server, which can contain sensitive information. | ||||
| CVE-2025-26940 | 2025-03-18 | 6.3 Medium | ||
| Path Traversal vulnerability in NotFound Pie Register Premium. This issue affects Pie Register Premium: from n/a through 3.8.3.2. | ||||
| CVE-2024-47170 | 1 Agnai | 1 Agnai | 2025-03-12 | 4.3 Medium |
| Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to read arbitrary JSON files at attacker-chosen locations on the server. This issue can lead to unauthorized access to sensitive information and exposure of confidential configuration files. This only affects installations with `JSON_STORAGE` enabled which is intended to local/self-hosting only. Version 1.0.330 fixes this issue. | ||||
| CVE-2025-25122 | 2025-03-03 | 8.1 High | ||
| Path Traversal vulnerability in NotFound WizShop allows PHP Local File Inclusion. This issue affects WizShop: from n/a through 3.0.2. | ||||
| CVE-2025-27274 | 2025-03-03 | 4.9 Medium | ||
| Path Traversal vulnerability in NotFound GPX Viewer allows Path Traversal. This issue affects GPX Viewer: from n/a through 2.2.11. | ||||
| CVE-2024-36991 | 2 Microsoft, Splunk | 2 Windows, Splunk | 2025-02-28 | 7.5 High |
| In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could perform a path traversal on the /modules/messaging/ endpoint in Splunk Enterprise on Windows. This vulnerability should only affect Splunk Enterprise on Windows. | ||||
| CVE-2023-32714 | 1 Splunk | 2 Splunk, Splunk App For Lookup File Editing | 2025-02-28 | 8.1 High |
| In the Splunk App for Lookup File Editing versions below 4.0.1, a low-privileged user can, with a specially crafted web request, trigger a path traversal exploit that can then be used to read and write to restricted areas of the Splunk installation directory. | ||||
| CVE-2025-26876 | 2025-02-25 | 6.8 Medium | ||
| Path Traversal vulnerability in CodeManas Search with Typesense allows Path Traversal. This issue affects Search with Typesense: from n/a through 2.0.8. | ||||
| CVE-2025-26357 | 2025-02-17 | 4.9 Medium | ||
| A CWE-35 "Path Traversal" in maxtime/api/database/database.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to read sensitive files via crafted HTTP requests. | ||||