CVE-2022-31579

The ralphjzhang/iasset repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31562

The waveyan/internshipsystem repository through 2018-05-22 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31580

The sanojtharindu/caretakerr-api repository through 2021-05-17 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31572

The ceee-vip/cockybook repository through 2015-04-16 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31518

The JustAnotherSoftwareDeveloper/Python-Recipe-Database repository through 2021-03-31 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2021-38146

The File Download API in Wipro Holmes Orchestrator 20.4.1 20.4.102112020 allows remote attackers to read arbitrary files via absolute path traversal in the SearchString JSON field in /home/download POST data...

CVE-2021-30497

Ivanti Avalanche Premise 6.3.2 allows remote unauthenticated users to read arbitrary files via Absolute Path Traversal. The imageFilePath parameter processed by the /AvalancheWeb/image endpoint is not verified to be within the scope of the image folder, e.g., the attacker can obtain sensitive...

CVE-2024-48850 Authenticated Absolute Path Traversal

Absolute File Traversal vulnerabilities in ASPECT allows access and modification of unintended resources. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03...

CVE-2019-12314

Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path traversal in the WS.macx1.WMCS/ PATHINFO, as demonstrated by a cgi-bin/Maconomy/MaconomyWS.macx1.WMCS/etc/passwd URI...

CVE-2014-3975

Absolute path traversal vulnerability in filemanager.php in AuraCMS 3.0 allows remote attackers to list a directory via a full pathname in the viewdir parameter...

CVE-2012-1025

Absolute path traversal vulnerability in file in Enigma2 Webinterface 1.6.0 through 1.6.8, 1.6rc3, and 1.7.0 allows remote attackers to read arbitrary files via a full pathname in the file parameter...

CVE-2010-4731

Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a...

CVE-2006-3488

Absolute path traversal vulnerability in administrador.asp in VirtuaStore 2.0 allows remote attackers to possibly read arbitrary directories or files via an absolute path with Windows drive letter in the Pasta parameter when link=util, acao=ftp, and acaba=sim...

CVE-2025-46822 Unauthenticated Arbitrary File Read via Absolute Path

OsamaTaher/Java-springboot-codebase is a collection of Java and Spring Boot code snippets, applications, and projects. Prior to commit c835c6f7799eacada4c0fc77e0816f250af01ad2, insufficient path traversal mechanisms make absolute path traversal possible. This vulnerability allows unauthorized...

CVE-2025-46822 Unauthenticated Arbitrary File Read via Absolute Path

OsamaTaher/Java-springboot-codebase is a collection of Java and Spring Boot code snippets, applications, and projects. Prior to commit c835c6f7799eacada4c0fc77e0816f250af01ad2, insufficient path traversal mechanisms make absolute path traversal possible. This vulnerability allows unauthorized...

CVE-2024-6648

Absolute Path Traversal vulnerability in AP Page Builder versions prior to 4.0.0 could allow an unauthenticated remote user to modify the 'productitempath' within the 'config' JSON file, allowing them to read any file on the system...

CVE-2024-6648

Absolute Path Traversal vulnerability in AP Page Builder versions prior to 4.0.0 could allow an unauthenticated remote user to modify the 'productitempath' within the 'config' JSON file, allowing them to read any file on the system...

CVE-2024-6648

Absolute Path Traversal vulnerability in AP Page Builder versions prior to 4.0.0 could allow an unauthenticated remote user to modify the 'productitempath' within the 'config' JSON file, allowing them to read any file on the system...

PT-2025-20380 · Unknown · Wp Page Builder

Name of the Vulnerable Software and Affected Versions: AP Page Builder versions prior to 4.0.0 Description: The issue is an Absolute Path Traversal vulnerability that could allow an unauthenticated remote user to modify the product item path within the config JSON file, allowing them to read any...

CVE-2025-31554

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in docxpresso Docxpresso docxpresso allows Absolute Path Traversal.This issue affects Docxpresso: from n/a through = 2.6...