Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,130 vulnerabilities with CWE-22

CVE-2025-67643 MEDIUM

Jenkins Redpen - Pipeline Reporter for Jira Plugin < 1.054.v7b_9517b_6b_202 Path Traversal

CVE-2025-65815 MEDIUM

AB TECHNOLOGY Document Reader: PDF, DOC, PPT <v65.0 - Path Traversal

CVE-2025-65814 MEDIUM

RHOPHI Analytics LLP Office App-Edit Word <6.4.1 - Path Traversal

CVE-2025-65792 CRITICAL

DataGear 5.5.0 - Arbitrary File Deletion via Path Traversal

CVE-2025-34395 HIGH

Barracuda RMM < 2025.1.1 - Unauthenticated Path Traversal via .NET Remoting Service

CVE-2025-8110 HIGH KEV

Gogs < 0.13.3 - Local Code Execution via PutContents API Symbolic Link Handling

CVE-2025-13339 HIGH

Hippoo Mobile App <1.7.1 - Path Traversal

CVE-2025-13677 MEDIUM

Simple Download Counter <2.2.2 - Path Traversal

CVE-2025-67506 CRITICAL

PipesHub <0.1.0-beta - Path Traversal

CVE-2025-61811 CRITICAL

ColdFusion 2025.4 2023.16 2021.22 and earlier - Authenticated Arbitrary Code Execution

CVE-2025-66645 HIGH

NiceGUI < 3.4.0 - Path Traversal via App.add_media_files()

CVE-2025-67488 HIGH

SiYuan < 3.5.0 - Authenticated Path Traversal via ZipSlip in Import Function

CVE-2025-11531 HIGH

HP Omen Gaming Hub < 1101.2511.101.0 and System Event Utility < 3.2.12 - Path Traversal

CVE-2025-60024 HIGH

FortiVoice 7.0.0-7.0.7 - Authenticated Path Traversal and Arbitrary File Write via HTTP/HTTPS Commands

CVE-2025-65287 MEDIUM

SNMP Web Pro 1.1 - Unauthenticated Directory Traversal via cgi-bin/upload.cgi

CVE-2025-14311 MEDIUM

JMRI < 5.13.3 - Path Traversal

CVE-2025-14306 CRITICAL

Robocode < 1.9.5.6 - Path Traversal and Arbitrary File Deletion via CacheCleaner recursivelyDelete Method

CVE-2025-13661 HIGH

Ivanti Endpoint Manager < 2024 SU4 SR1 - Authenticated Path Traversal and Arbitrary File Write

CVE-2025-13070 MEDIUM

CSV to SortTable WP <4.2 - Path Traversal

CVE-2025-14224 MEDIUM

Yottamaster DM2,DM3,DM200 <1.2.23/1.9.12 - Path Traversal

CVE-2025-14220 MEDIUM

ORICO CD3510 1.9.12 - Path Traversal

CVE-2025-14182 MEDIUM

Sobey Media Convergence System 2.0/2.1 - Path Traversal

CVE-2025-13377 CRITICAL

10Web Booster < 2.32.7 - Authenticated Arbitrary Folder Deletion via get_cache_dir_for_page_from_url()

CVE-2025-14111 MEDIUM

Rarlab RAR < 7.11 - Path Traversal

CVE-2025-65879 HIGH

Warehouse Management System 1.2 - Authenticated Path Traversal

Previous Page 48 of 366 Next

Details

Vulnerabilities 9,130

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy