Lucene search
K

414 matches found

Cvelist
Cvelist
added yesterday9 views

CVE-2026-48318 ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)

ColdFusion is affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope...

9.9CVSS
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2026-11917

Rockwell Automation ThinManager’s API suffers a path traversal flaw caused by improper limitation of file save operations. An authenticated attacker can write arbitrary files to restricted system directories outside the application’s intended directory. CVSS 4.0 base score 7.2 (HIGH) with network...

7.2CVSS6.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-57712

Name of the Vulnerable Software and Affected Versions SureDash versions prior to 1.8.1 Description An improper limitation of a pathname to a restricted directory, known as Path Traversal, exists in the SureDash plugin. This flaw allows an attacker to access files and directories outside the...

9.9CVSS6.1AI score0.00382EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/03 7:48 a.m.10 views

CVE-2026-47897

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Lucene.Net Lucene.Net.Replicator library. This issue affects Apache Lucene.Net.Replicator: from 4.8.0-beta00005 before 4.8.0-beta00018. Users are recommended to upgrade to version 4.8.0-beta00018,...

8.9CVSS5.9AI score0.00616EPSS
Exploits0References2
NVD
NVD
added 2026/06/29 10:16 a.m.9 views

CVE-2026-57346

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Epiphyt Embed Privacy allows Path Traversal. This issue affects Embed Privacy: from n/a through 1.12.3...

7.1CVSS0.00265EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/29 9:50 a.m.8 views

EUVD-2026-40060

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Epiphyt Embed Privacy allows Path Traversal. This issue affects Embed Privacy: from n/a through 1.12.3...

7.1CVSS5.8AI score0.00265EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 1:21 p.m.4 views

CVE-2026-35025 ProFTPD ACL Bypass via /proc/self/root Path Prefix in RNFR

ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerability that allows authenticated FTP users to circumvent Directory ACL restrictions by prefixing paths with /proc/self/root in the RNFR command handler. Attackers can exploit the unresolved symlink components in...

8.6CVSS5.9AI score0.00331EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Adobe ColdFusion 路径遍历漏洞

Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. Versions of Adobe ColdFusion such as 2023.19, 2025.8, and earlier versions have a path traversal vulnerability. This...

9.6CVSS5.3AI score0.07624EPSS
Exploits0References1
Veracode
Veracode
added 2026/06/08 10:52 a.m.7 views

Path Traversal

Spring AI is vulnerable to Path Traversal. The vulnerability is due to unsanitized LLM-influenced filenames in Path.resolve, where a malicious user could write files outside the intended target directory, including restricted directories...

6.5CVSS6AI score0.00398EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.10 views

CVE-2026-29220

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue...

6.5CVSS5.4AI score0.00684EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.8 views

CVE-2026-42737

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS vikbooking allows Path Traversal.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through = 1.8.9...

8.6CVSS5.4AI score0.00345EPSS
Exploits0References1
NVD
NVD
added 2026/06/01 5:17 p.m.18 views

CVE-2026-42679

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Mamunur Rashid Classified Listing allows Path Traversal. This issue affects Classified Listing: from n/a through 5.3.8...

6.5CVSS0.00295EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/01 2:39 p.m.15 views

EUVD-2026-33650

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Rocketgenius Inc. Gravity Forms allows Path Traversal. This issue affects Gravity Forms: from n/a through 2.10.0.1...

9.6CVSS5.8AI score0.005EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.23 views

PT-2026-45440

Name of the Vulnerable Software and Affected Versions Gravity Forms versions prior to 2.10.0.2 Description An improper limitation of a pathname to a restricted directory, known as Path Traversal, exists in Gravity Forms. This allows an attacker to access files and directories outside of the...

9.6CVSS5.8AI score0.005EPSS
Exploits2References5
NVD
NVD
added 2026/05/27 11:16 a.m.21 views

CVE-2026-42756

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Ludwig You QuickWebP Compress / Optimize Images & Convert WebP | SEO Friendly quickwebp allows Path Traversal.This issue affects QuickWebP Compress / Optimize Images & Convert WebP | SEO Friendly: from n...

9.9CVSS0.00336EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 11:16 a.m.17 views

CVE-2026-42757

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition allows Path Traversal.This issue affects WebinarIgnition: from n/a through 4.08.253...

9.9CVSS0.00346EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 11:16 a.m.13 views

CVE-2026-42737

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS vikbooking allows Path Traversal.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through = 1.8.9...

8.6CVSS0.00345EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 9:49 a.m.20 views

EUVD-2026-32205

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition allows Path Traversal.This issue affects WebinarIgnition: from n/a through 4.08.253...

9.9CVSS5.8AI score0.00346EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 9:49 a.m.16 views

EUVD-2026-32204

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Ludwig You QuickWebP Compress / Optimize Images & Convert WebP | SEO Friendly quickwebp allows Path Traversal.This issue affects QuickWebP Compress / Optimize Images & Convert WebP | SEO Friendly: from n...

9.9CVSS5.8AI score0.00336EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.14 views

WordPress plugin VikBooking Hotel Booking Engine & PMS 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

8.6CVSS5.8AI score0.00345EPSS
Exploits0References1
Rows per page
Query Builder