CVEbaza.plCWE DictionaryCWE-43
Common Weakness Enumeration

CWE-43

Path Equivalence: 'filename....' (Multiple Trailing Dot)

Category: VariantCVE: 1
Description

The product accepts path input in the form of multiple trailing dot ('filedir....') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files.

CVE vulnerabilities with CWE-43 (1)
9.3
CVSS
CRITICAL
CVE-2025-10353

File upload leading to remote code execution (RCE) in the “melis-cms-slider” module of Melis Technology's Melis Platform. This vulnerability allows an attacker to upload a malicious file via a POST request to '/melis/MelisCmsSlider/MelisCmsSliderDetails/saveDetailsForm' using the 'mcsdetail_img' parameter.

pub. 2025-10-08
Information
ID: CWE-43
Type: Variant
Vulnerabilities: 1
MITRE CWE ↗
← CWE Dictionary