Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,127 vulnerabilities with CWE-22

CVE-2025-48636 HIGH

BugreportContentProvider - Path Traversal

CVE-2025-48567 HIGH

Android - Path Traversal via Unicode Normalization Bypass

CVE-2025-50857 CRITICAL

ZenTaoPMS 18.11-21.6.beta - Path Traversal

CVE-2025-11563 MEDIUM

wcurl 2024-12-08-2025-11-09 - Path Traversal via Percent-Encoded Slashes

CVE-2025-15589 LOW

MuYuCMS 2.7 - Path Traversal via Template Management Page

CVE-2025-69380 HIGH

Upload Files Anywhere <=2.8 - Path Traversal

CVE-2025-69379 HIGH

Upload Files Anywhere <=2.8 - Path Traversal

CVE-2025-69377 HIGH

User Extra Fields <=17.0 - Path Traversal

CVE-2025-69376 HIGH

User Extra Fields <=17.0 - Path Traversal

CVE-2025-68862 HIGH

Woo File Dropzone <=1.1.7 - Path Traversal

CVE-2025-68002 MEDIUM

Open User Map <=1.4.16 - Path Traversal

CVE-2025-59819 MEDIUM

Zenitel AlphaCom XE Audio Server - Authenticated Arbitrary File Read via Filepath Parameter

CVE-2025-8054 HIGH

OpenText XM Fax 24.2 - Path Traversal

CVE-2025-36598 MEDIUM

Dell Avamar <19.12 - Path Traversal

CVE-2025-36597 MEDIUM

Dell Avamar <19.12 - Path Traversal

CVE-2025-12062 HIGH

WP Maps Plugin <4.8.6 - Local File Inclusion

CVE-2025-13681 MEDIUM

BFG Tools Extension Zipper <1.0.7 - Path Traversal

CVE-2025-69770 CRITICAL

MojoPortal CMS <2.9.0.1 - Command Injection

CVE-2025-15577 HIGH

Valmet DNA Web Tools <C2022 - Info Disclosure

CVE-2025-64074 MEDIUM

Shenzhen Zhibotong Electronics ZBT WE2001 <23.09.27 - Path Traversal

CVE-2025-43537 MEDIUM

iPadOS < 18.7.5 - Path Traversal via Malicious Backup File

CVE-2025-43417 MEDIUM

macOS Sonoma <14.8.4 - Info Disclosure

CVE-2025-70084 HIGH

OpenSatKit 2.2.1 - Path Traversal via FileUtil_GetFileInfo Function

CVE-2025-69874 CRITICAL

nanotar <= 0.2.0 - Path Traversal and Arbitrary File Write via Crafted Tar Archive

CVE-2025-64075 CRITICAL

Shenzhen Zhibotong Electronics ZBT WE2001 <23.09.27 - Path Traversal

Previous Page 41 of 366 Next

Details

Vulnerabilities 9,127

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy