Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,136 vulnerabilities with CWE-22

CVE-2025-43190 MEDIUM

iPadOS < 26.0 - Path Traversal via Directory Path Handling

CVE-2025-59056 HIGH

FreePBX 15.0-15.0.37 - Path Traversal via Module Uninstall Function

CVE-2025-10472 MEDIUM

MoneyPrinterTurbo <= 1.2.6 - Path Traversal via file_path Argument

CVE-2025-49089 MEDIUM

MoneyPrinterTurbo 1.2.6 - Path Traversal via Download API

CVE-2025-10176 HIGH

The Hack Repair Guy's Plugin Archiver <2.0.4 - Privilege Escalation

CVE-2025-10273 LOW

10oa 1.0 - Path Traversal via File Parameter in /view/file.aspx

CVE-2025-58321 CRITICAL

Delta Electronics DIALink - Path Traversal

CVE-2025-58320 HIGH

Delta Electronics DIALink - Path Traversal

CVE-2025-9918 HIGH

Google SecOps SOAR Server <6.3.54.0 - Path Traversal

CVE-2025-9693 HIGH

User Meta - User Profile Builder <3.1.2 - Privilege Escalation

CVE-2025-10245 MEDIUM

Display Painéis TGA <7.1.41 - Path Traversal

CVE-2025-10236 MEDIUM

binary-husky gpt_academic < 3.91 - Path Traversal via LaTeX File Handler

CVE-2025-10233 MEDIUM

kodbox 1.61 - Path Traversal via fileGet/fileSave Function

CVE-2025-10232 MEDIUM

299ko < 2.0.0 - Path Traversal via FileManagerAPIController getSentDir/delete Function

CVE-2025-59049 HIGH

Mockoon < 9.2.0 - Path Traversal and Local File Inclusion via Static File Serving Configuration

CVE-2025-29592 MEDIUM

Aaluoxiang OA System - Path Traversal

CVE-2025-41714 HIGH

Welotec SmartEMS Web Application <= v3.3.6 - Path Traversal

CVE-2025-34176 MEDIUM

pfSense < 2.8.0 - Authenticated Path Traversal in Suricata IP Reputation Check

CVE-2025-23343 HIGH

NVIDIA NVDebug < 1.7.0 - Path Traversal and Arbitrary File Write

CVE-2025-47415 MEDIUM

CRESTRON TOUCHSCREENS x70 - Path Traversal

CVE-2025-34173 MEDIUM

pfSense < 2.8.0 - Authenticated Path Traversal in Snort IP Reputation Check

CVE-2025-54261 CRITICAL

ColdFusion 2025.3 2023.15 2021.21 and earlier - Path Traversal

CVE-2025-58755 HIGH

MONAI < 1.5.0 - Path Traversal via Zip File Extraction

CVE-2025-58751 MEDIUM

Vite <7.1.5, <7.0.7, <6.3.6, <5.4.20 - Auth Bypass

CVE-2025-5993 CRITICAL

ITCube CRM <2025.2 - Path Traversal

Previous Page 58 of 366 Next

Details

Vulnerabilities 9,136

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy