CWE-22

A path traversal in takeapeek module versions <=0.2.2 allows an attacker to list directory and files.

A Path Traversal in Knightjs versions <= 0.0.1 allows an attacker to read content of arbitrary files on a remote server.

A Path Traversal in simplehttpserver versions <=0.2.1 allows to list any file in another folder of web root.

Path traversal vulnerability in http-live-simulator <1.0.7 causes unauthorized access to arbitrary files on disk by appending extra slashes after the URL.

Gxlcms 2.0 before bug fix 20180915 has Directory Traversal exploitable by an administrator.

An issue was discovered in SeaCMS through 6.61. adm1n/admin_database.php allows remote attackers to delete arbitrary files via directory traversal sequences in the bakfiles parameter. This can allow the product to be reinstalled by deleting install_lock.txt.