DataTables Path Traversal Vulnerability in examples.php

Vulnerability

A path traversal vulnerability has been identified in DataTables versions through 1.10.13. The issue lies in the examples.php file, which takes a file path from the 'src' request parameter without confining it to the intended directory; a crafted value containing directory-traversal sequences can therefore reach files elsewhere on the server. The vulnerability can be exploited remotely without any authentication.

Impact

Exploitation of this vulnerability allows for unauthorized file access on the server, which could lead to the disclosure of sensitive information.

Reproduction

To reproduce this vulnerability, send a POST request to '/gan/bootstrap/plugins/DataTables-1.10.5/examples/resources/examples.php' with a 'src' parameter that includes a crafted file path. The payload should traverse directories to access sensitive files, such as 'WindowsUpdate.log' or 'win.ini'.

Remediation

Upgrading to DataTables version 1.10.15 or later addresses this vulnerability. The latest version can be downloaded from the DataTables GitHub repository.
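The contrast between the vulnerable pattern and the check a fixed handler needs, as an added Python illustration that is not the DataTables code (this advisory does not reproduce examples.php); the EXAMPLES_ROOT path and the function names are assumptions:

```python
import os
import posixpath
from typing import Optional
from urllib.parse import unquote

# Assumed location of the files examples.php is meant to serve; the real
# path on an affected server is a deployment detail this advisory does not give.
EXAMPLES_ROOT = "/var/www/html/DataTables-1.10.5/examples"


def naive_resolve(src: str, root: str = EXAMPLES_ROOT) -> str:
    """The vulnerable pattern: join the user value onto the base directory and
    trust the result. '../' sequences in ``src`` walk out of ``root``."""
    return os.path.realpath(os.path.join(root, src))


def resolve_src(src: str, root: str = EXAMPLES_ROOT) -> Optional[str]:
    """Hardened version: return the absolute path for ``src`` only if it stays
    inside ``root``; return None for anything that would escape."""
    decoded = unquote(src)          # see "%2e%2e%2f" as "../" before checking
    if not decoded or "\x00" in decoded:
        return None                 # empty value or NUL-truncation trick
    if decoded.startswith("/") or "\\" in decoded:
        return None                 # absolute path or Windows separator
    # Lexical check: any surviving ".." component is a traversal attempt.
    if ".." in posixpath.normpath(decoded).split("/"):
        return None
    real_root = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(real_root, decoded))
    # Containment check after symlink resolution: candidate must sit under root.
    if candidate != real_root and not candidate.startswith(real_root + os.sep):
        return None
    return candidate


if __name__ == "__main__":
    # Constructed sample inputs: one legitimate value, then traversal variants.
    for value in ("ajax/data.txt", "../../../../Windows/win.ini",
                  "..%2f..%2fwin.ini", "/etc/passwd", "ajax/../data.txt"):
        print(f"{value!r:32} naive={naive_resolve(value)}  hardened={resolve_src(value)}")
```

The lexical check rejects any path that still contains a '..' component after normalisation, and the realpath containment test catches what the lexical check cannot see, such as a symlink inside the root that points outside it.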

Added: Sep 26, 2025, 5:20 PM
Updated: Sep 26, 2025, 6:23 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 3.3
exploitability: 8.7
remediation: 7.7
relevance: 0.6
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.