Path Traversal

⚔️ Attack Types Related 14
slug: path-traversal

Explanation

パストラバーサルは「ファイル名を指定する箇所に `../../../etc/passwd` のような文字列を入れて、本来アクセスできないファイルを読み出す」攻撃です。 ファイルダウンロード機能や画像表示機能でよく見られます。 対策は「ユーザー入力のファイル名を、必ずホワイトリスト・固定ディレクトリに制限する」こと。
📌 Example
CVE-2024-57726 (SimpleHelp): zipファイル展開時のZip Slipにより、サーバー上の任意の場所にファイル書き込みされる脆弱性。

🔖 Related tags

🛡 Vulnerabilities tagged with this 785

ID Title
CVE-2026-12565 Path Traversal in bbot (CVE-2026-12565)
CVE-2026-49133 Path Traversal in path-traversal (CVE-2026-49133)
CVE-2026-55201 Path Traversal in path-traversal (CVE-2026-55201)
CVE-2026-55760 Path Traversal in com.github.jknack:handlebars (CVE-2026-55760)
CVE-2025-69128 Path Traversal in path-traversal (CVE-2025-69128)
CVE-2026-50203 Path Traversal in apache-airflow-providers-sftp (CVE-2026-50203)
CVE-2026-2604 Vulnerability in path-traversal (CVE-2026-2604)
CVE-2026-10094 Path Traversal in path-traversal (CVE-2026-10094)
CVE-2024-32729 Path Traversal in path-traversal (CVE-2024-32729)
CVE-2026-54014 Path Traversal in open-webui (CVE-2026-54014)
CVE-2026-48055 Vulnerability in path-traversal (CVE-2026-48055)
CVE-2026-10303 Vulnerability in path-traversal (CVE-2026-10303)
CVE-2026-53865 Vulnerability in openclaw (CVE-2026-53865)
CVE-2026-53846 Vulnerability in openclaw (CVE-2026-53846)
CVE-2026-42867 Path Traversal in langflow (CVE-2026-42867)
CVE-2026-54293 Path Traversal in nltk (CVE-2026-54293)
CVE-2026-8442 Path Traversal in wordpress (CVE-2026-8442)
CVE-2026-52703 Unauthenticated Path Traversal in FastDup <= 2.7.2 versions.
CVE-2026-49112 Unauthenticated Path Traversal in Shared Files <= 1.7.64 versions.
CVE-2026-42661 Custom role Path Traversal in WP Customer Area <= 8.3.4 versions.
CVE-2026-50877 Path Traversal in path-traversal (CVE-2026-50877)
CVE-2026-49954 Vulnerability in path-traversal (CVE-2026-49954)
CVE-2026-50869 Path Traversal in path-traversal (CVE-2026-50869)
CVE-2016-20078 Vulnerability in wordpress (CVE-2016-20078)
CVE-2016-20079 Vulnerability in wordpress (CVE-2016-20079)
CVE-2016-20080 Vulnerability in wordpress (CVE-2016-20080)
CVE-2016-20081 Path Traversal in wordpress (CVE-2016-20081)
CVE-2016-20076 Path Traversal in wordpress (CVE-2016-20076)
CVE-2026-34026 Vulnerability in path-traversal (CVE-2026-34026)
CVE-2026-34030 Vulnerability in path-traversal (CVE-2026-34030)

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →