Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,135 vulnerabilities with CWE-22

CVE-2025-3356 HIGH

IBM Tivoli Monitoring <6.3.0.7 - Path Traversal

CVE-2025-3355 HIGH

IBM Tivoli Monitoring <6.3.0.7-SP21 - Path Traversal

CVE-2025-12060 HIGH

Keras < 3.12.0 and 3.0.0-3.11.3 - Path Traversal via tarfile.extractall

CVE-2025-46363 MEDIUM

Dell Secure Connect Gateway <5.30.00.00 - Path Traversal

CVE-2025-11466 MEDIUM

Allegra DatabaseBackupBL - Info Disclosure

CVE-2025-11201 CRITICAL

MLflow < 3.0.0 - Unauthenticated Remote Code Execution via Model File Path Traversal

CVE-2025-12422 CRITICAL

BLU-IC2 and BLU-IC4 Firmware < 1.20 - Path Traversal and Arbitrary File Write via Upgrade Feature

CVE-2025-62725 HIGH

Docker Compose 2.34.0-2.40.1 - Path Traversal via OCI Artifact Annotations

CVE-2025-27222 HIGH

TRUfusion Enterprise <= 7.10.4.0 - Path Traversal

CVE-2025-12250 MEDIUM

OpenWGA 7.11.12 Build 737 - Path Traversal

CVE-2025-12055 HIGH

MPDV Mikrolab GmbH - Info Disclosure

CVE-2025-12203 MEDIUM

vvveb < 1.0.7.3 - Path Traversal via File Argument in sanitizeFileName Function

CVE-2025-10488 HIGH

The Directorist: AI-Powered Business Directory Plugin with Classifi...

CVE-2025-10723 LOW

PixelYourSite <11.1.2 - Path Traversal

CVE-2025-62254 HIGH

Liferay Digital Experience Platform - Denial of Service via ComboServlet Query String

CVE-2025-54963 MEDIUM

BAE SOCET GXP < 4.6.0.2 - Path Traversal via GXP Job Service

CVE-2025-41073 MEDIUM

TESI Gandia Integra Total 4.4.2236.1 - Authenticated Path Traversal via direstudio Parameter

CVE-2025-60227 HIGH

ThimPress WP Pipes <= 1.4.3 - Path Traversal

CVE-2025-60217 HIGH

YPromo PT Luxa Addons <1.2.2 - Path Traversal

CVE-2025-59566 HIGH

AmentoTech Workreap <3.3.5 - Path Traversal

CVE-2025-58959 HIGH

AmentoTech Taskbot <= 6.4 - Path Traversal

CVE-2025-22167 MEDIUM

Jira Software DC/Server <11.0.0 - Path Traversal

CVE-2025-62522 MEDIUM

Vite 2.9.18-2.9.x 3.2.9-3.x 4.5.3-4.x 5.2.6-5.4.20 6.0.0-6.4.0 7.0.0-7.0.7 7.1.0-7.1.10 Path Traversal

CVE-2025-3465 HIGH

ABB CoreSense HM <2.3.1- CoreSense M10 <1.4.1.12 - Path Traversal

CVE-2025-11941 MEDIUM

e107 < 2.3.3 - Path Traversal via Avatar Handler multiaction[] Parameter

Previous Page 53 of 366 Next

Details

Vulnerabilities 9,135

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy