Total
7200 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-0516 | 1 Emc | 2 Vipr Srm, Watch4net | 2025-04-12 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 allows remote authenticated users to read arbitrary files via a crafted URL. | |||||
| CVE-2015-2950 | 1 Open Explorer Beta Project | 1 Open Explorer Beta | 2025-04-12 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in the Brandon Bowles Open Explorer application before 0.254 Beta for Android allows remote attackers to write to arbitrary files via a crafted filename. | |||||
| CVE-2019-25073 | 1 Goa.design | 1 Goa | 2025-04-11 | N/A | 7.5 HIGH |
| Improper path sanitization in github.com/goadesign/goa before v3.0.9, v2.0.10, or v1.4.3 allow remote attackers to read files outside of the intended directory. | |||||
| CVE-2018-25046 | 1 Cloudfoundry | 1 Archiver | 2025-04-11 | N/A | 9.1 CRITICAL |
| Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory. | |||||
| CVE-2024-57549 | 1 Cmsimple | 1 Cmsimple | 2025-04-11 | N/A | 7.5 HIGH |
| CMSimple 5.16 allows the user to read cms source code through manipulation of the file name in the file parameter of a GET request. | |||||
| CVE-2022-44564 | 1 Huawei | 2 Aslan-al10, Aslan-al10 Firmware | 2025-04-11 | N/A | 7.8 HIGH |
| Huawei Aslan Children's Watch has a path traversal vulnerability. Successful exploitation may allow attackers to access or modify protected system resources. | |||||
| CVE-2020-36566 | 1 Tar-utils Project | 1 Tar-utils | 2025-04-11 | N/A | 9.1 CRITICAL |
| Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory. | |||||
| CVE-2020-36561 | 1 Unzip Project | 1 Unzip | 2025-04-11 | N/A | 9.1 CRITICAL |
| Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory. | |||||
| CVE-2020-36560 | 1 Go-unzip Project | 1 Go-unzip | 2025-04-11 | N/A | 9.1 CRITICAL |
| Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory. | |||||
| CVE-2020-36559 | 1 Aahframework | 1 Aah | 2025-04-11 | N/A | 7.5 HIGH |
| Due to improper sanitization of user input, HTTPEngine.Handle allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has permission to read. | |||||
| CVE-2025-2636 | 2025-04-11 | N/A | 9.8 CRITICAL | ||
| The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.1.0.85 via the 'instawp-database-manager' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. | |||||
| CVE-2025-32631 | 2025-04-11 | N/A | 8.6 HIGH | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in oxygensuite Oxygen MyData for WooCommerce allows Path Traversal. This issue affects Oxygen MyData for WooCommerce: from n/a through 1.0.63. | |||||
| CVE-2025-32209 | 2025-04-11 | N/A | 6.5 MEDIUM | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in totalprocessing Total processing card payments for WooCommerce allows Path Traversal. This issue affects Total processing card payments for WooCommerce: from n/a through 7.1.5. | |||||
| CVE-2025-30582 | 2025-04-11 | N/A | 8.1 HIGH | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in aytechnet DyaPress ERP/CRM allows PHP Local File Inclusion. This issue affects DyaPress ERP/CRM: from n/a through 18.0.2.0. | |||||
| CVE-2025-32633 | 2025-04-11 | N/A | 8.6 HIGH | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in neoslab Database Toolset allows Path Traversal. This issue affects Database Toolset: from n/a through 1.8.4. | |||||
| CVE-2025-32671 | 2025-04-11 | N/A | 7.5 HIGH | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in John Weissberg Print Science Designer allows Path Traversal. This issue affects Print Science Designer: from n/a through 1.3.155. | |||||
| CVE-2025-31411 | 2025-04-11 | N/A | 5.9 MEDIUM | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Aribhour Linet ERP-Woocommerce Integration allows Path Traversal.This issue affects Linet ERP-Woocommerce Integration: from n/a through 3.5.12. | |||||
| CVE-2025-32205 | 2025-04-11 | N/A | 2.7 LOW | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in piotnetdotcom Piotnet Forms. This issue affects Piotnet Forms: from n/a through 1.0.30. | |||||
| CVE-2025-32509 | 2025-04-11 | N/A | 7.5 HIGH | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPMinds Simple WP Events allows Path Traversal. This issue affects Simple WP Events: from n/a through 1.8.17. | |||||
| CVE-2025-32587 | 2025-04-11 | N/A | 8.1 HIGH | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in pickupp WooCommerce Pickupp allows PHP Local File Inclusion. This issue affects WooCommerce Pickupp: from n/a through 2.4.0. | |||||