Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-29

CWE-29

Path Traversal: '\..\filename'

Parent: CWE-23 - Relative Path Traversal

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '\..\filename' (leading backslash dot dot) sequences that can resolve to a location that is outside of that directory.

62 vulnerabilities with CWE-29

CVE-2026-5627 HIGH

Path Traversal in mintplex-labs/anything-llm

CVE-2026-30828 HIGH

Wallos <4.6.2 - Path Traversal

CVE-2025-15036 CRITICAL

Path Traversal Vulnerability in mlflow/mlflow

CVE-2025-66608 HIGH

FAST/TOOLS <10.04 - Open Redirect

CVE-2025-12790 HIGH

Rubygem MQTT - Info Disclosure

CVE-2025-58291 LOW

Office Service - DoS

CVE-2025-50185 HIGH

DbGate <6.6.0 - Info Disclosure

CVE-2025-50184 HIGH

DbGate <6.4.3-premium-beta.5 - Path Traversal

CVE-2025-6209 HIGH

run-llama/llama_index <0.12.27 - Path Traversal

CVE-2024-2356 CRITICAL

parisneo/lollms-webui - LFI

CVE-2024-8982 MEDIUM

OpenLLM 0.6.10 - LFI

CVE-2024-8859 HIGH

Lfprojects Mlflow < 2.17.0rc0 - Path Traversal

CVE-2024-8537 CRITICAL

modelscope/agentscope - Path Traversal

CVE-2024-8248 HIGH

mintplex-labs/anything-llm <1.2.2 - Path Traversal

CVE-2024-7957 CRITICAL

danswer - File Overwrite

CVE-2024-7033 HIGH

Openwebui Open Webui - Remote Code Execution

CVE-2024-12389 HIGH

Binary-husky Gpt Academic - Remote Code Execution

CVE-2024-11170 HIGH

Librechat < 0.7.6 - Remote Code Execution

CVE-2024-10648 HIGH

Gradio - Denial of Service

CVE-2024-13059 HIGH

mintplex-labs/anything-llm <1.3.1 - Path Traversal

CVE-2024-51534 HIGH

Dell PowerProtect DD <8.3.0.0, 7.10.1.50, 7.13.1.20 - Path Traversal

CVE-2024-21542 HIGH

Pypi Luigi < 3.6.0 - Path Traversal

CVE-2024-7962 HIGH

Gaizhenbiao Chuanhuchatgpt - Path Traversal

CVE-2024-7774 CRITICAL

Langchain.js < 0.2.19 - Path Traversal

CVE-2024-6394 HIGH

parisneo/lollms-webui <9.8 - Path Traversal

Page 1 of 3 Next

Details

Vulnerabilities 62

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy