Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-35

CWE-35

Path Traversal: '.../...//'

Parent: CWE-23 - Relative Path Traversal

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory.

169 vulnerabilities with CWE-35

CVE-2025-48081 MEDIUM

Printeers Print & Ship <1.17.0 - Path Traversal

CVE-2025-53561 MEDIUM

miniOrange Prevent files / folders access <= 2.6.0 - Path Traversal via '.../...//'

CVE-2025-52712 MEDIUM

BoldGrid Post and Page Builder <1.27.8 - Path Traversal

CVE-2025-8088 HIGH KEV

WinRAR < 7.13 - Path Traversal and Arbitrary Code Execution via Malicious Archive

CVE-2025-53417 CRITICAL

DIAView < v4.2.0 - Path Traversal and Information Disclosure via '.../...//'

CVE-2025-20320 MEDIUM

Splunk <9.4.3, 9.3.5, 9.2.7, 9.1.10 - DoS

CVE-2025-52805 HIGH

VaultDweller Leyka <3.31.9 - Path Traversal

CVE-2025-52811 HIGH

Creanncy Davenport - Versatile Blog and Magazine WP Theme <1.3 - Pa...

CVE-2025-52810 HIGH

TMRW-studio Katerio - Magazine <1.5.1 - Path Traversal

CVE-2025-49451 HIGH

Aeroscroll Gallery <1.0.12 - Path Traversal

CVE-2025-47176 HIGH

Microsoft 365 Apps and Office LTSC - Path Traversal and Local Code Execution via Outlook Path Handling

CVE-2025-30515 CRITICAL

CyberData 011209 Intercom - File Upload

CVE-2025-49297 HIGH

Grill and Chow <= 1.6 - Path Traversal and PHP Local File Inclusion via '.../...//'

CVE-2025-49296 HIGH

GrandPrix <= 1.6 - Path Traversal and PHP Local File Inclusion via '.../...//'

CVE-2025-49295 HIGH

Mikado-Themes MediClinic <= 2.1 - Path Traversal and Local File Inclusion via '.../...//'

CVE-2025-39475 HIGH

Frenify Arlo <6.0.3 - Path Traversal

CVE-2025-27445 MEDIUM

RSFirewall 2.9.7-3.1.5 - Path Traversal

CVE-2025-5598 CRITICAL

WF Steuerungstechnik GmbH airleader MASTER <3.0046 - Path Traversal

CVE-2025-46441 MEDIUM

Section Widget <3.3.1 - Path Traversal

CVE-2025-27010 HIGH

bslthemes Tastyc <2.5.2 - Path Traversal

CVE-2025-39492 HIGH

WHMPress WHMpress 6.2-revision - Path Traversal via Relative Path

CVE-2025-39491 HIGH

WHMpress 6.2-revision-9 - Path Traversal via '.../...//'

CVE-2025-40573 MEDIUM

SCALANCE LPE9403 < V4.0 HF0 - Path Traversal via Backup Restore

CVE-2025-47649 HIGH

ilmosys Open Close WooCommerce Store <4.9.5 - Path Traversal

CVE-2025-47636 HIGH

Fernando Briano <0.91.0 - Path Traversal

Previous Page 3 of 7 Next

Details

Vulnerabilities 169

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy