Search

Blog Stats Labs CLI MCP API Limits About Privacy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Blog Statistics Labs CLI Tool MCP Server API Documentation Rate Limits About Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-29

CWE-29

Path Traversal: '\..\filename'

Parent: CWE-23 - Relative Path Traversal

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '\..\filename' (leading backslash dot dot) sequences that can resolve to a location that is outside of that directory.

60 vulnerabilities with CWE-29

Wallos <4.6.2 - Path Traversal

CVE-2025-66608 HIGH

FAST/TOOLS <10.04 - Open Redirect

CVE-2024-2356 CRITICAL

parisneo/lollms-webui - LFI

CVE-2025-12790 HIGH

Rubygem MQTT - Info Disclosure

CVE-2025-58291 LOW

Office Service - DoS

DbGate <6.6.0 - Info Disclosure

DbGate <6.4.3-premium-beta.5 - Path Traversal

CVE-2025-6209 HIGH

run-llama/llama_index <0.12.27 - Path Traversal

CVE-2024-8982 MEDIUM

OpenLLM 0.6.10 - LFI

CVE-2024-8859 HIGH

Lfprojects Mlflow < 2.17.0rc0 - Path Traversal

CVE-2024-8537 CRITICAL

modelscope/agentscope - Path Traversal

CVE-2024-8248 HIGH

mintplex-labs/anything-llm <1.2.2 - Path Traversal

CVE-2024-7957 CRITICAL

danswer - File Overwrite

CVE-2024-7033 HIGH

Openwebui Open Webui - Remote Code Execution

CVE-2024-12389 HIGH

Binary-husky Gpt Academic - Remote Code Execution

CVE-2024-11170 HIGH

Librechat < 0.7.6 - Remote Code Execution

CVE-2024-10648 HIGH

Gradio - Denial of Service

CVE-2024-13059 HIGH

mintplex-labs/anything-llm <1.3.1 - Path Traversal

CVE-2024-51534 HIGH

Dell PowerProtect DD <8.3.0.0, 7.10.1.50, 7.13.1.20 - Path Traversal

CVE-2024-21542 HIGH

Pypi Luigi < 3.6.0 - Path Traversal

CVE-2024-7962 HIGH

Gaizhenbiao Chuanhuchatgpt - Path Traversal

CVE-2024-7774 CRITICAL

Langchain.js < 0.2.19 - Path Traversal

CVE-2024-6394 HIGH

parisneo/lollms-webui <9.8 - Path Traversal

CVE-2024-6396 CRITICAL

aimhubio/aim <3.19.3 - RCE

CVE-2024-5926 CRITICAL

Stitionai Devika - Denial of Service

Page 1 of 3 Next

Details

Vulnerabilities 60

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy