11 matches found
EUVD-2026-29460
CWE-22: Improper Limitation of a Pathname to a Restricted Directory “Path Traversal” vulnerability that could cause unauthorized access to sensitive files when user-supplied input is improperly handled during server-side file path processing...
PT-2026-30763
Name of the Vulnerable Software and Affected Versions: PraisonAI versions prior to 1.5.113. Description: PraisonAI is susceptible to a path traversal issue due to a flaw in the validate path function. This function first calls os.path.normpath, which collapses '..' sequences, and then checks for the...
INNORIX WP Security Vulnerability
INNORIX WP is a high-capacity file transfer software from the Korean company INNORIX. A security vulnerability exists in INNORIX WP that stems from improper path restriction and lack of authorization, which could lead to path traversal...
WordPress plugin Filr Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform can host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security...
GE Vernova WorkstationST Security Vulnerability
GE Vernova WorkstationST is workstation software for industrial control systems (ICS) from GE Vernova, Inc. that provides data acquisition, process monitoring, and automation control functions. A security vulnerability exists in GE Vernova WorkstationST V07.10.10C and earlier versions, which stem...
The vulnerability of the software’s user data loading function for running large language models (LLMs) like ChuanhuChatGPT allows a perpetrator to execute arbitrary code.
The vulnerability of the software’s user data loading function for running large language models like ChuanhuChatGPT is related to an incorrect restriction on the path name to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...
Cisco 9900 Series Phone Arbitrary File Download (CVE-2013-3426)
The Serviceability servlet on Cisco 9900 IP phones does not properly restrict paths, which allows remote attackers to read arbitrary files by specifying a pathname in a file request, aka Bug ID CSCuh52810. This plugin only works with Tenable.ot. Please visit...
The vulnerability of the Suricata intrusion detection and prevention system arises from an improper limitation of a pathname to a restricted directory. This allows intruders to write arbitrary files to the file system.
The vulnerability of the Suricata intrusion detection and prevention system lies in the incorrect restriction of a pathname to a restricted directory. Exploiting this vulnerability allows a malicious actor to write arbitrary files to the file system...
The vulnerability of the PTC Axeda platform for creating and deploying corporate-level applications lies in the incorrect restriction of a pathname to a restricted directory, allowing a hacker to read arbitrary files.
The vulnerability of the PTC Axeda platform for creating and deploying corporate-level applications is related to an incorrect limitation of a pathname to a restricted directory. Exploiting this vulnerability could allow a malicious actor to read arbitrary files by sending a...
CVE-2021-37064
There is an Improper Limitation of a Pathname to a Restricted Directory vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may lead to arbitrary file created...
The vulnerability of the Security SiteProtector System, a website security protection system, allows a hacker to write arbitrary files.
The vulnerability of the Security SiteProtector System’s security protection mechanism exists due to an incorrect restriction of a pathname to a restricted directory. Exploiting this vulnerability allows a malicious actor to remotely write arbitrary files...