Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,130 vulnerabilities with CWE-22

CVE-2025-61647 LOW

Wikimedia Foundation CheckUser - Info Disclosure

CVE-2025-61641 MEDIUM

MediaWiki <1.39.14, 1.43.4, 1.44.1 - Info Disclosure

CVE-2025-61634 LOW

MediaWiki <1.39.14, 1.43.4, 1.44.1 - Info Disclosure

CVE-2025-6927 LOW

MediaWiki <1.39.13, 1.42.7, 1.43.2, 1.44.0 - Info Disclosure

CVE-2025-6597 NONE

MediaWiki <1.39.13, 1.42.7, 1.43.2, 1.44.0 - Info Disclosure

CVE-2025-6589 LOW

MediaWiki >= 1.42.0 - Info Disclosure

CVE-2025-66480 CRITICAL

wildfirechat im-server < 1.4.3 - Path Traversal and Arbitrary File Write via /fs Upload Endpoint

CVE-2025-14914 HIGH

IBM WebSphere Liberty 17.0.0.3-26.0.0.1 Path Traversal & Arbitrary File Write via Zip Upload

CVE-2025-69601 MEDIUM

66biolinks v44.0.0 - Path Traversal and Arbitrary File Write via ZIP Archive Extraction

CVE-2025-11002 HIGH

7-Zip - Remote Code Execution via ZIP Symbolic Link Traversal

CVE-2025-66428 HIGH

WordPress Toolkit <6.9.1 - Privilege Escalation

CVE-2025-69097 HIGH

VibeThemes WPLMS <1.9.9.5.4 - Path Traversal

CVE-2025-69055 MEDIUM

SeaTheme BM Content Builder <3.16.3 - Path Traversal

CVE-2025-68912 HIGH

Harmonic Design HDForms <1.6.1 - Path Traversal

CVE-2025-68907 HIGH

AivahThemes Hostme <7.0. - Path Traversal

CVE-2025-68902 HIGH

AivahThemes Anona <=8.0 - Path Traversal

CVE-2025-68901 HIGH

AivahThemes Anona <=8.0 - Path Traversal

CVE-2025-67963 HIGH

Movie Booking <1.1.5 - Path Traversal

CVE-2025-69820 MEDIUM

Beam beta9 0.1.521 - Directory Traversal via joinCleanPath Function

CVE-2025-69612 MEDIUM

TMS Management Console < 6.3.7.27386.20250818 - Authenticated Path Traversal via Download Template filePath Parameter

CVE-2025-67684 HIGH

Quick.Cart Theme Selection - Privileged File Upload Code Execution

CVE-2025-29847 HIGH

Apache Linkis <1.7.0 - Info Disclosure

CVE-2025-13725 MEDIUM

Gutenberg Thim Blocks - Page Builder <1.0.1 - Info Disclosure

CVE-2025-12002 MEDIUM

Feeds for YouTube Pro <2.6.0 - Info Disclosure

CVE-2025-68921 HIGH

SteelSeries Nahimic 3 <1.10.7 - Path Traversal

Previous Page 43 of 366 Next

Details

Vulnerabilities 9,130

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy