Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-35

CWE-35

Path Traversal: '.../...//'

Parent: CWE-23 - Relative Path Traversal

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory.

169 vulnerabilities with CWE-35

CVE-2025-58380 LOW

Brocade Fabric OS <9.2.1 - Path Traversal

CVE-2025-59099 HIGH

CompactWebServer - Path Traversal

CVE-2025-67914 HIGH

beeteam368 VidMov <= 2.3.8 - Path Traversal

CVE-2025-46256 MEDIUM

SigmaPlugin Advanced Database Cleaner PRO <3.2.10 - Path Traversal

CVE-2025-68428 HIGH

jsPDF < 4.0.0 - Path Traversal via loadFile Method

CVE-2025-28973 MEDIUM

AA-Team Pro Bulk Watermark Plugin <2.0 - Path Traversal

CVE-2025-64676 HIGH

Microsoft Purview - Path Traversal and Remote Code Execution via '.../...//'

CVE-2025-64253 MEDIUM

WordPress.org Health Check & Troubleshooting <2.8 - Path Traversal

CVE-2025-66004 MEDIUM

usbmuxd <3ded00c9985a5108cfc7591a309f9a23d57a8cba - Path Traversal

CVE-2025-41736 HIGH

metz-connect ewio2-m_firmware < 2.2.0 - Path Traversal and Remote Code Execution via Python Script Upload

CVE-2025-5454 MEDIUM

AXIS OS 12.0.0-12.6.17 - Path Traversal via ACAP Configuration File

CVE-2025-58972 HIGH

Barcode Scanner with Inventory & Order Manager <1.10.5 - Path Trave...

CVE-2025-48090 HIGH

Blanka - One Page WordPress Theme < 1.5 - Path Traversal and PHP Local File Inclusion via '.../...//'

CVE-2025-39467 HIGH

Wanderland <= 1.7.1 - Path Traversal and PHP Local File Inclusion

CVE-2025-22288 MEDIUM

WPMU DEV - Your All-in-One WordPress Platform Smush Image Compressi...

CVE-2025-53880 HIGH

SUSE Manager Proxy - Path Traversal and Arbitrary File Write via tftpsync Scripts

CVE-2025-27222 HIGH

TRUfusion Enterprise <= 7.10.4.0 - Path Traversal

CVE-2025-41723 CRITICAL

Sauter modulo 6 and EY-modulo 5 - Unauthenticated Path Traversal via importFile SOAP Method

CVE-2025-8051 MEDIUM

OpenText Flipper 3.1.2 - Path Traversal

CVE-2025-42937 CRITICAL

SAP Print Service - Unauthenticated Path Traversal via Insufficient Path Validation

CVE-2025-43907 MEDIUM

Dell PowerProtect Data Domain Path Traversal via '.../...//'

CVE-2025-20313 MEDIUM

Cisco IOS XE Software 17.3.1-17.3.6 - Path Traversal and Improper Image Integrity Validation

CVE-2025-43886 MEDIUM

Dell PowerProtect Data Manager 19.19-19.20 - Path Traversal via '.../...//'

CVE-2025-48317 HIGH

Stefan Keller WooCommerce Payment Gateway <0.4.9 - Path Traversal

CVE-2025-4956 MEDIUM

AA-Team Pro Bulk Watermark Plugin <2.0 - Path Traversal

Previous Page 2 of 7 Next

Details

Vulnerabilities 169

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy