Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,130 vulnerabilities with CWE-22

CVE-2025-70084 HIGH

OpenSatKit 2.2.1 - Path Traversal via FileUtil_GetFileInfo Function

CVE-2025-69874 CRITICAL

nanotar <= 0.2.0 - Path Traversal and Arbitrary File Write via Crafted Tar Archive

CVE-2025-64075 CRITICAL

Shenzhen Zhibotong Electronics ZBT WE2001 <23.09.27 - Path Traversal

CVE-2025-68406 MEDIUM

Qsync Central 5.0.0.0-5.0.0.3 - Authenticated Path Traversal

CVE-2025-66278 MEDIUM

File Station 5 <5.5.6.5190 - Path Traversal

CVE-2025-62856 MEDIUM

QNAP File Station 5.5.6.4691-5.5.6.5190 - Authenticated Path Traversal

CVE-2025-62855 MEDIUM

QNAP File Station 5.5.6.4691-5.5.6.5190 - Authenticated Path Traversal

CVE-2025-62853 MEDIUM

QNAP File Station 5.5.6.4691-5.5.6.5165 - Authenticated Path Traversal

CVE-2025-58470 MEDIUM

Qsync Central <5.0.0.4 - Path Traversal

CVE-2025-54162 MEDIUM

QNAP File Station 5.5.6.4691-5.5.6.5067 - Authenticated Path Traversal

CVE-2025-12757 MEDIUM

AXIS Camera Station Pro - Info Disclosure

CVE-2025-15491 MEDIUM

Post Slides WP <1.0.1 - Path Traversal

CVE-2025-69619 MEDIUM

Zipperapp MY Teditor - Path Traversal

CVE-2025-64712 CRITICAL

unstructured < 0.18.18 - Path Traversal and Arbitrary File Write via MSG Attachment Processing

CVE-2025-69618 MEDIUM

coto.world/coto 11.4.0 - Arbitrary File Overwrite via File Import Process

CVE-2025-15487 MEDIUM

Code Explorer <1.4.6 - Path Traversal

CVE-2025-69621 HIGH

Comic Book Reader <1.0.95 - Code Injection

CVE-2025-69620 MEDIUM

office_reader - Path Traversal and Denial of Service via Internal Storage File Write

CVE-2025-65077 HIGH

Lexmark - Path Traversal

CVE-2025-63372 MEDIUM

Articentgroup Zip Rar Extractor Tool <1.345.93.0 - Path Traversal

CVE-2025-61658 MEDIUM

Wikimedia Foundation CheckUser <1.43.4-1.44.1 - Info Disclosure

CVE-2025-61654 NONE

Wikimedia Foundation Thanks <1.43.4-1.44.1 - Info Disclosure

CVE-2025-61653 LOW

Wikimedia Foundation TextExtracts <1.39.14-1.44.1 - Info Disclosure

CVE-2025-61649 LOW

Wikimedia Foundation CheckUser - Info Disclosure

CVE-2025-61646 MEDIUM

MediaWiki <1.39.14-1.44.1 - Info Disclosure

Previous Page 42 of 366 Next

Details

Vulnerabilities 9,130

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy