Search

Blog Stats Labs CLI MCP API Limits About Privacy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Blog Statistics Labs CLI Tool MCP Server API Documentation Rate Limits About Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

8,296 vulnerabilities with CWE-22

Actual Sync Server <26.3.0 - Path Traversal

CVE-2025-41758 HIGH

wwupload.cgi - Path Traversal

CVE-2025-41757 HIGH

UBR - Privilege Escalation

CVE-2025-41755 MEDIUM

wwwubr.cgi - Path Traversal

CVE-2026-3795 MEDIUM

DoraCMS 3.0.x - Path Traversal

CVE-2026-3719 MEDIUM

Tsinghua Unigroup Electronic Archives 3.2.210802 - Path Traversal

CVE-2026-3695 MEDIUM

Modern Image Gallery App 1.0 - Path Traversal

Parse Server <8.6.8/9.5.0-alpha.8 - Path Traversal

node-tar <7.5.10 - Path Traversal

CVE-2026-29780 MEDIUM

eml_parser <2.0.1 - Path Traversal

CVE-2026-29190 MEDIUM

Karapace <6.0.0 - Path Traversal

CVE-2026-29185 LOW

Backstage <1.20.1 - Path Traversal

CVE-2025-14675 HIGH

Meta Box Plugin <5.11.1 - Arbitrary File Deletion

Wallos <4.6.2 - Path Traversal

dbt-common <1.34.2/1.37.3 - Path Traversal

CVE-2026-29064 HIGH

Zarf 0.54.0-0.73.0 - Path Traversal

CVE-2018-25194 HIGH

Nominas 0.27 - SQL Injection

CVE-2018-25184 MEDIUM

Surreal ToDo 0.6.1.2 - Path Traversal

CVE-2018-25181 HIGH

Musicco 2.0.0 - Path Traversal

CVE-2018-25178 HIGH

Easyndexer 1.0 - Path Traversal

Windmill <1.603.3 - Path Traversal

changedetection.io <0.54.4 - Path Traversal

CVE-2026-28800 MEDIUM

Natro Macro <1.1.0 - Unauthenticated RCE

OpenChatBI <0.2.2 - Path Traversal

CVE-2026-28679 HIGH

Home-Gallery.org <1.21.0 - Path Traversal

Page 1 of 332 Next

Details

Vulnerabilities 8,296

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy