Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,127 vulnerabilities with CWE-22

CVE-2025-14868 HIGH

Career Section <= 1.6 - Cross-Site Request Forgery to Arbitrary File Deletion

CVE-2025-15470 MEDIUM

Eleganzo <= 1.2 - Authenticated (Subscriber+) Arbitrary Directory Deletion

CVE-2025-68649 MEDIUM

Fortinet FortiManager and FortiAnalyzer <= 7.6.4, <= 7.4.7, 7.2 all, 7.0 all - Path Traversal via CLI Requests

CVE-2025-61624 MEDIUM

Fortinet FortiOS/FortiProxy/FortiSwitchManager/FortiPAM - Authenticated Path Traversal & Arbitrary File Write via CLI

CVE-2025-59711 HIGH

BizTalk360 < 11.5 - Directory Traversal and Arbitrary File Write

CVE-2025-59709 MEDIUM

BizTalk360 <= 11.5 - Directory Traversal and Arbitrary File Read

CVE-2025-10559 HIGH

DELMIA Factory Resource Manager R2023x to R2025x - Path Traversal File Read and Write

CVE-2025-41368 HIGH

Small HTTP Server 3.06.36 - Authenticated Path Traversal

CVE-2025-70952 HIGH

pf4j <3.14.1 - Path Traversal

CVE-2025-67030 HIGH

plexus-utils <4.0.3 - Path Traversal

CVE-2025-60946 HIGH

Census CSWeb 8.0.1 - Path Traversal

CVE-2025-55988 HIGH

DreamFactory Core < 1.0.4 - Path Traversal via URI Path

CVE-2025-67115 MEDIUM

Small Cell Sercomm SCE4255W <DG3934v3@2308041842 - Path Traversal

CVE-2025-15031 CRITICAL

Path Traversal Vulnerability in mlflow/mlflow

CVE-2025-66687 HIGH

Doom Launcher 3.8.1.0 - Path Traversal

CVE-2025-66249 MEDIUM

Apache Livy 0.3.0-0.9.0 - Path Traversal

CVE-2025-54659 MEDIUM

FortiSOAR Agent Communication Bridge 1.1.0/1.0 - Path Traversal

CVE-2025-70028 HIGH

Sunbird-Ed SunbirdEd-portal 1.13.4 - Path Traversal

CVE-2025-41758 HIGH

MBS Solutions Universal BACnet Router Firmware < 6.0.1.0 - Arbitrary File Write via wwupload.cgi Path Traversal

CVE-2025-41757 HIGH

mbs-solutions Universal BACnet Router Firmware < 6.0.1.0 - Path Traversal and Arbitrary File Write via Backup Restore

CVE-2025-41755 MEDIUM

mbs-solutions universal_bacnet_router_firmware < 6.0.1.0 - Path Traversal via ubr-logread Parameter

CVE-2025-14675 HIGH

Meta Box Plugin <5.11.1 - Arbitrary File Deletion

CVE-2025-70231 CRITICAL

D-Link DIR-513 1.10 - Path Traversal

CVE-2025-45691 HIGH

RAGAS 0.2.3-0.2.14 - Path Traversal

CVE-2025-69411 HIGH

ionCube tester plus <=1.3 - Path Traversal

Previous Page 40 of 366 Next

Details

Vulnerabilities 9,127

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy