Vulnerability Name CVE Severity
ACME mini_httpd arbitrary file read CVE-2018-18778
Adobe ColdFusion directory traversal CVE-2013-3336
AjaxControlToolkit directory traversal CVE-2015-4670
Apache Flink jobmanager/logs Path Traversal CVE-2020-17519
Apache HTTP Server Insecure Path Normalization (CVE-2021-41773, CVE-2021-42013) CVE-2021-42013 CVE-2021-41773
Apache Tomcat JK connector security bypass CVE-2007-1860
Apache Tomcat version older than 6.0.10 CVE-2007-0450
Apache Tomcat WAR file directory traversal vulnerability CVE-2009-2693 CVE-2009-2901
Arbitrary File Read in Next.js
Barracuda networks products multiple directory traversal vulnerabilities
CData Jetty Path Traversal (CVE-2024-31848/CVE-2024-31849/CVE-2024-31850/CVE-2024-31851) CVE-2024-31848 CVE-2024-31849 CVE-2024-31850 CVE-2024-31851
Check Point Gateway Path Traversal (CVE-2024-24919) CVE-2024-24919
Cisco Adaptive Security Appliance (ASA) Path Traversal (CVE-2018-0296) CVE-2018-0296
Cisco Adaptive Security Appliance (ASA) Path Traversal CVE-2020-3452 CVE-2020-3452
Citrix XenMobile Server Path Traversal CVE-2020-8209
ColdFusion directory traversal CVE-2010-2861
Directory traversal
Directory Traversal with spring-cloud-config-server CVE-2020-5410
Dragonfly Arbitrary File Read/Write (CVE-2021-33564) CVE-2021-33564
Drupal Core 7.x Directory Traversal (7.0 - 7.66) CVE-2019-11831
Drupal Core 7.x Directory Traversal (7.0 - 7.81) CVE-2021-32610
Drupal Core 8.6.x Directory Traversal (8.6.0 - 8.6.15) CVE-2019-11831
Drupal Core 8.7.0 Directory Traversal (8.7.0) CVE-2019-11831
Drupal Core 8.9.x Directory Traversal (8.9.0 - 8.9.16) CVE-2021-32610
Drupal Core 8.x.x Directory Traversal (8.0.0 - 8.5.15) CVE-2019-11831
Drupal Core 8.x.x Directory Traversal (8.0.0 - 8.8.12) CVE-2021-32610
Drupal Core 9.0.x Directory Traversal (9.0.0 - 9.0.14) CVE-2021-32610
Drupal Core 9.1.x Directory Traversal (9.1.0 - 9.1.10) CVE-2021-32610
Drupal Core 9.2.x Directory Traversal (9.2.0 - 9.2.1) CVE-2021-32610
ExpressJs Local File Read via the layout parameter
Ext JS arbitrary file read
Fortigate SSL VPN Arbitrary File reading (CVE-2018-13379) CVE-2018-13379
Fortinet FortiNAC RCE via arbitrary file upload CVE-2022-39952
Ghost CMS Theme Path Traversal (CVE-2023-32235) CVE-2023-32235
Grafana Plugin Dir Traversal (CVE-2021-43798) CVE-2021-43798
Grandnode Path Traversal (CVE-2019-12276) CVE-2019-12276
IBM Tivoli Access Manager directory traversal CVE-2010-4622 CVE-2011-0494
IIS extended unicode directory traversal vulnerability CVE-2000-0884
JIRA Security Advisory 2014-02-26
Joomla! Core 1.5.x Directory Traversal (1.5.0 - 1.5.8) CVE-2009-0113
Joomla! Core 3.4.x Directory Traversal (3.4.0 - 3.4.5) CVE-2015-8564
Joomla! Core 3.9.x Directory Traversal (3.9.3 - 3.9.5) CVE-2019-11831
Joomla! Core 3.x.x Directory Traversal (3.0.0 - 3.9.24) CVE-2021-23132
Joomla! Core 3.x.x Directory Traversal (3.2.0 - 3.4.5) CVE-2015-8565
Joomla! Core Directory Traversal (1.5.0 - 3.9.4) CVE-2019-10945
Joomla! Core Directory Traversal (2.5.0 - 3.9.20) CVE-2020-24597
Joomla! Core Directory Traversal (2.5.0 - 3.9.22) CVE-2020-35612
Laravel log viewer local file download (LFD) CVE-2018-8947
lighttpd v1.4.34 SQL injection and path traversal CVE-2014-2323 CVE-2014-2324
Lucee Server Arbitrary File Creation CVE-2021-21307
Multiple vulnerabilities in Ioncube loader-wizard.php
Nexus Repository Manager 3 Path Traversal (CVE-2024-4956) CVE-2024-4956
Node.js path validation vulnerability CVE-2017-14849
Openfire Path Traversal (CVE-2023-32315) CVE-2023-32315
Oracle Business Intelligence Adfresource Path traversal CVE-2019-2588
Oracle JavaServer Faces multiple vulnerabilities CVE-2013-3827
PaperCut NG/MF Path Traversal (CVE-2023-39143) CVE-2023-39143
Path Traversal in Next.js up to 9.3.1 CVE-2020-5284
Path Traversal in Oracle GlassFish server open source edition
Path traversal via misconfigured NGINX alias
Payara Micro File Read (CVE-2021-41381) CVE-2021-41381
PHP object deserialization of user-supplied data
Pulse Secure SSL VPN Arbitrary File reading (CVE-2019-11510) CVE-2019-11510
Python object deserialization of user-supplied data
Rails Asset Pipeline Directory Traversal Vulnerability CVE-2018-3760
Ruby on Rails directory traversal vulnerability CVE-2014-0130
SAP Portal directory traversal vulnerability
Server directory traversal
SolarWinds Serv-U Directory Traversal (CVE-2024-28995) CVE-2024-28995
spring-boot-actuator-logview Path Traversal CVE-2021-21234
SysAid On-Premise RCE (CVE-2023-47246) CVE-2023-47246
Tomcat path traversal via reverse proxy mapping
Total.js Directory Traversal (CVE-2019-8903) CVE-2019-8903
Typo3 Restler 1.7.0 Local File Disclosure
uWSGI Path Traversal vulnerability CVE-2018-7490
VMware directory traversal and privilege escalation vulnerabilities CVE-2009-2267 CVE-2009-3733
WEBrick v.1.3 directory traversal CVE-2008-1145
WordPress 2.3.3 Directory Traversal Vulnerability (0.6.2 - 2.3.3) CVE-2008-4769
WordPress 4.1.x Directory Traversal (4.1 - 4.1.40)
WordPress 4.2.x Directory Traversal (4.2 - 4.2.37)
WordPress 4.3.x Directory Traversal (4.3 - 4.3.33)
WordPress 4.4.x Directory Traversal (4.4 - 4.4.32)
WordPress 4.5.3 Directory Traversal Vulnerability (4.5.3) CVE-2016-6896 CVE-2016-10148
WordPress 4.5.x Directory Traversal (4.5 - 4.5.31)
WordPress 4.6.x Directory Traversal (4.6 - 4.6.28)
WordPress 4.7.x Directory Traversal (4.7 - 4.7.28)
WordPress 4.8.x Directory Traversal (4.8 - 4.8.24)
WordPress 4.9.x Directory Traversal (4.9 - 4.9.25)
WordPress 5.0.x Directory Traversal (5.0 - 5.0.21)
WordPress 5.1.x Directory Traversal (5.1 - 5.1.18)
WordPress 5.2.x Directory Traversal (5.2 - 5.2.20)
WordPress 5.3.x Directory Traversal (5.3 - 5.3.17)
WordPress 5.4.x Directory Traversal (5.4 - 5.4.15)
WordPress 5.5.x Directory Traversal (5.5 - 5.5.14)
WordPress 5.6.x Directory Traversal (5.6 - 5.6.13)
WordPress 5.7.x Directory Traversal (5.7 - 5.7.11)
WordPress 5.8.x Directory Traversal (5.8 - 5.8.9)
WordPress Directory Traversal (3.7 - 5.0.3) CVE-2019-8943
WordPress Duplicator plugin Unauthenticated Arbitrary File Download
WordPress Plugin A/B Test 'action' Parameter Directory Traversal (1.0.6)
WordPress Plugin Add From Server Directory Traversal (3.3.3)
WordPress Plugin Ad Inserter-Ad Manager & AdSense Ads Directory Traversal (2.4.19) CVE-2019-15323
WordPress Plugin Advanced Dewplayer Directory Traversal (1.2) CVE-2013-7240
WordPress Plugin Advanced File Manager Directory Traversal (5.1) CVE-2023-3814
WordPress Plugin AI ChatBot Directory Traversal (4.9.2) CVE-2023-5241
WordPress Plugin Ajax Store Locator Directory Traversal (1.2.0)
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Directory Traversal (5.1.4)
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Directory Traversal (3.1.4)
WordPress Plugin Booking Calendar Directory Traversal (7.0) CVE-2017-2150
WordPress Plugin Chat Room Directory Traversal (0.1.2)
WordPress Plugin Contact Form by WPForms-Drag & Drop Form Builder for WordPress Directory Traversal (1.7.5.3)
WordPress Plugin Cross-RSS Directory Traversal (1.7) CVE-2014-4941
WordPress Plugin Database Backup for WordPress 'edit.php' Directory Traversal (1.7) CVE-2006-4208
WordPress Plugin DB Backup Directory Traversal (4.5) CVE-2014-9119
WordPress Plugin Delightful Downloads Directory Traversal (1.6.6) CVE-2017-1000170
WordPress Plugin Download Manager Directory Traversal (3.2.54) CVE-2022-2926
WordPress Plugin DukaPress Directory Traversal (2.5.2) CVE-2014-8799
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce Directory Traversal (5.6.23) CVE-2023-5414
WordPress Plugin Enable Media Replace Directory Traversal (3.6.3) CVE-2022-2554
WordPress Plugin File Manager Advanced Shortcode Directory Traversal (2.4) CVE-2023-7062
WordPress Plugin File Manager Directory Traversal (7.2.5) CVE-2024-2654
WordPress Plugin Font-official webfonts plugin of Fonts For Web Directory Traversal (7.5) CVE-2015-7683
WordPress Plugin Image Optimizer by 10web-Image Optimizer and Compression Directory Traversal (1.0.25)
WordPress Plugin Import and export users and customers Directory Traversal (1.14.2) CVE-2019-15326
WordPress Plugin Import CSV Directory Traversal (1.0)
WordPress Plugin Insert or Embed Articulate Content into WordPress Directory Traversal (4.2999) CVE-2019-15648
WordPress Plugin Insert Pages Directory Traversal (3.2.3)
WordPress Plugin jRSS Widget 'url' Parameter Directory Traversal (1.1.1)
WordPress Plugin Media from FTP Directory Traversal (9.85) CVE-2018-5310
WordPress Plugin Migration, Backup, Staging-WPvivid Directory Traversal (0.9.75) CVE-2022-2863
WordPress Plugin MW WP Form Directory Traversal (4.4.2) CVE-2023-28408
WordPress Plugin myEASYbackup 'dwn_file' Parameter Directory Traversal (1.0.8.1) CVE-2012-0898
WordPress Plugin Nelio AB Testing Directory Traversal (4.4.4)
WordPress Plugin NextGEN Gallery-WordPress Gallery Directory Traversal (2.0.0)
WordPress Plugin NextGEN Gallery-WordPress Gallery Directory Traversal (2.1.9)
WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions Directory Traversal (1.7.14.2) CVE-2014-8801
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Directory Traversal (1.3.33)
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Directory Traversal (1.3.42)
WordPress Plugin Popup-Popup More Popups Directory Traversal (2.2.4) CVE-2024-0844
WordPress Plugin SearchWP Live Ajax Search Directory Traversal (1.6.2) CVE-2022-3227
WordPress Plugin SE HTML5 Album Audio Player Directory Traversal (1.1.0) CVE-2015-4414
WordPress Plugin SEO Tools 'file' Parameter Directory Traversal (3.1.7)
WordPress Plugin Simple Job Board Directory Traversal (2.9.3) CVE-2020-35749
WordPress Plugin Smush Image Compression and Optimization Directory Traversal (2.7.5) CVE-2017-15079
WordPress Plugin Snow Monkey Forms Directory Traversal (5.1.1) CVE-2023-28413
WordPress Plugin Startklar Elementor Addons Directory Traversal (1.7.15) CVE-2024-5153
WordPress Plugin Tom M8te Directory Traversal (1.5.3) CVE-2014-5187
WordPress Plugin True Ranker Directory Traversal (2.2.2) CVE-2021-39312
WordPress Plugin Video Downloader for TikTok Directory Traversal (1.3) CVE-2020-24143
WordPress Plugin Wholesale Market for WooCommerce Directory Traversal (1.0.8) CVE-2022-4109
WordPress Plugin WordPress Download Manager Directory Traversal (2.6.95) CVE-2014-8585
WordPress Plugin WordPress File Upload Directory Traversal (4.12.2) CVE-2020-10564
WordPress Plugin WordPress Infinite Scroll-Ajax Load More Directory Traversal (5.5.4)
WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Directory Traversal (4.9.9) CVE-2017-2245
WordPress Plugin WP-Lister Lite for Amazon Directory Traversal (0.9.6.35) CVE-2017-1000170
WordPress Plugin WP-Lister Lite for eBay Directory Traversal (2.0.20) CVE-2017-1000170
WordPress Plugin WP AmASIN-The Amazon Affiliate Shop Directory Traversal (0.9.6) CVE-2014-4577
WordPress Plugin WP Background Takeover Directory Traversal (4.1.4) CVE-2018-9118
WordPress Plugin WP Cost Estimation & Payment Forms Builder Directory Traversal (9.659)
WordPress Plugin WP Fastest Cache Directory Traversal (0.8.9.5) CVE-2019-13635
WordPress Plugin WP Fastest Cache Directory Traversal (0.9.1.6) CVE-2021-20714
WordPress Plugin WP Post Popup Directory Traversal (2.0)
WordPress Plugin WP Post Popup Directory Traversal (2.1.1)
WordPress Plugin WP Publication Archive 'file' Parameter Directory Traversal (2.3)
WordPress Plugin WPS Child Theme Generator Directory Traversal (1.1) CVE-2019-15822
WordPress Plugin WP Source Control Directory Traversal (3.0.0) CVE-2014-5368
WordPress Plugin Zedna Contact form Directory Traversal (1.1)
WordPress Plugin Zedna eBook download Directory Traversal (1.1) CVE-2016-10924
WordPress Plugin ZoomSounds-WordPress Wave Audio Player with Playlist Directory Traversal (6.45) CVE-2021-39316