CVE-2024-1703

A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been classified as problematic. This affects the function openfile of the file /adminapi/system/file/openfile. The manipulation leads to absolute path traversal. The exploit has been disclosed to the public and may be used. The...

CVE-2023-6118

Path Traversal: '/../filedir' vulnerability in Neutron IP Camera allows Absolute Path Traversal. This issue affects IP Camera: before b1130.1.0.1...

CVE-2023-5022

A vulnerability has been found in DedeCMS up to 5.7.100 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /include/dialog/selecttempletspost.php. The manipulation of the argument activepath leads to absolute path traversal. The associated identifie...

CVE-2023-1176

Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.2.2...

CVE-2023-3765

Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0...

CVE-2023-2765

A vulnerability has been found in Weaver OA up to 9.5 and classified as problematic. This vulnerability affects unknown code of the file /E-mobile/App/System/File/downfile.php. The manipulation of the argument url leads to absolute path traversal. The attack can be initiated remotely. The exploit...

CVE-2022-31526

The ThundeRatz/ThunderDocs repository through 2020-05-01 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31550

The olmax99/pyathenastack repository through 2019-11-08 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31545

The ml-inory/ModelConverter repository through 2021-04-26 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-41761

An issue was discovered in NOKIA NFM-T R19.9. An Absolute Path Traversal vulnerability exists under /cgi-bin/R19.9/viewlog.pl of the VM Manager WebUI via the logfile parameter, allowing a remote authenticated attacker to read arbitrary files...

CVE-2022-31536

The jaygarza1982/ytdl-sync repository through 2021-01-02 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

PT-2025-22641 · Unknown · Nexus Series +2

Name of the Vulnerable Software and Affected Versions: ASPECT-Enterprise versions through 3. NEXUS Series versions through 3. MATRIX Series versions through 3. Description: The issue is related to Stored Absolute Path Traversal vulnerabilities in ASPECT, which could expose sensitive data if...

CVE-2022-40443

An absolute path traversal vulnerability in ZZCMS 2022 allows attackers to obtain sensitive information via a crafted GET request sent to /one/siteinfo.php...

CVE-2022-39838

Systematic FIX Adapter ALFAFX 2.4.0.25 13/09/2017 allows remote file inclusion via a UNC share pathname, and also allows absolute path traversal to local pathnames...

CVE-2022-39812

Italtel NetMatch-S CI 5.2.0-20211008 allows Absolute Path Traversal under NMSCI-WebGui/SaveFileUploader. An unauthenticated user can upload files to an arbitrary path. An attacker can change the uploadDir parameter in a POST request not possible using the GUI to an arbitrary directory. Because th...

CVE-2022-31514

The Caoyongqi912/FanPlatform repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31509

The iedadata/usap-dc-website repository through 1.0.1 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31563

The whmacmac/vprj repository through 2022-04-06 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31535

The freefood89/Fishtank repository through 2015-06-24 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31553

The rainsoupah/sleep-learner repository through 2021-02-21 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...