VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-04-14
CVE-2025-3562
A vulnerability was found in Yonyou YonBIP MA2.7.
network
low complexity
CWE-22
4.3
4.3
2025-04-14
CVE-2025-3547
A vulnerability classified as critical was found in frdel Agent-Zero 0.8.1.2.
network
low complexity
CWE-22
6.3
6.3
2025-04-11
CVE-2025-2636
The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.1.0.85 via the 'instawp-database-manager' parameter.
network
low complexity
CWE-22
critical
9.8
9.8
2025-04-08
CVE-2025-30290
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to a security feature bypass.
network
low complexity
CWE-22
8.7
8.7
2025-04-08
CVE-2024-41792
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions).
network
low complexity
CWE-22
8.6
8.6
2025-04-08
CVE-2025-2519
The Sreamit theme for WordPress is vulnerable to arbitrary file downloads in all versions up to, and including, 4.0.1.
network
low complexity
CWE-22
6.5
6.5
2025-04-06
CVE-2025-3317
A vulnerability classified as problematic has been found in fumiao opencms up to a0fafa5cff58719e9b27c2a2eec204cc165ce14f.
network
low complexity
CWE-22
4.3
4.3
2025-04-05
CVE-2025-2941
The Drag and Drop Multiple File Upload for WooCommerce plugin for WordPress is vulnerable to arbitrary file moving due to insufficient file path validation via the wc-upload-file[] parameter in all versions up to, and including, 1.1.4.
network
low complexity
CWE-22
critical
9.8
9.8
2025-04-04
CVE-2025-2270
The Countdown, Coming Soon, Maintenance – Countdown & Clock plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.8.9.1 via the createCdObj function.
network
high complexity
CWE-22
8.1
8.1
2025-04-04
CVE-2025-3214
A vulnerability has been found in JFinal CMS up to 5.2.4 and classified as problematic.
network
low complexity
CWE-22
4.3
4.3
«
Previous
1
2
(current)
3
4
5
...
375
376
»
Next