Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,136 vulnerabilities with CWE-22

CVE-2025-58438 CRITICAL

internetarchive <5.5.0 - Path Traversal

CVE-2025-9566 HIGH

Red Hat Enterprise Linux 10 - Path Traversal via Podman Kube Play Command

CVE-2025-48395 MEDIUM

Eaton NMC G2 < 2.2.0 - Authenticated Path Traversal via CLI Limited Shell

CVE-2025-48550 MEDIUM

Android - Local Denial of Service via Path Traversal in SliceManagerTest

CVE-2025-41035 MEDIUM

appRain CMF 4.0.5 - Authenticated Path Traversal via Download Endpoint

CVE-2025-58355 HIGH

Soft Serve <0.9.1 - Command Injection

CVE-2025-7039 LOW

Red Hat Enterprise Linux - Path Traversal via Integer Overflow in Temporary File Creation

CVE-2025-7975 HIGH

Anritsu ShockLine < 2025.4.2 - Remote Code Execution via CHX File Parsing Path Traversal

CVE-2025-58162 MEDIUM

Mobile Security Framework 4.4.0 - Authenticated Path Traversal and Arbitrary File Write via Malicious APK Upload

CVE-2025-58161 MEDIUM

Mobile Security Framework 4.4.0 - Authenticated Directory Traversal via Download Route

CVE-2025-9801 MEDIUM

SimStudioAI sim < 0.3.40 - Path Traversal via filePath Argument

CVE-2025-58158 HIGH

Harness Open Source <3.3.0 - Command Injection

CVE-2025-52861 HIGH

VioStor <5.1.6-20250621 - Path Traversal

CVE-2025-33038 MEDIUM

Qsync Central <4.5.0.7 - Path Traversal

CVE-2025-33037 MEDIUM

Qsync Central <4.5.0.7 - Path Traversal

CVE-2025-33036 MEDIUM

Qsync Central <4.5.0.7 - Path Traversal

CVE-2025-33033 MEDIUM

Qsync Central <4.5.0.7 - Path Traversal

CVE-2025-33032 MEDIUM

QNAP QTS and QuTS hero - Authenticated Path Traversal

CVE-2025-30271 MEDIUM

QNAP QTS and QuTS hero - Authenticated Path Traversal

CVE-2025-30270 MEDIUM

QNAP QTS and QuTS hero - Authenticated Path Traversal

CVE-2025-9650 MEDIUM

yeqifu carRental <3fabb7eae93d209426638863980301d6f99866b3 - Path T...

CVE-2025-9217 MEDIUM

Slider Revolution <6.7.36 - Path Traversal

CVE-2025-54029 HIGH

WooCommerce csv import export <2.0.6 - Path Traversal

CVE-2025-53588 HIGH

UPC/EAN/GTIN Code Generator <2.0.2 - Path Traversal

CVE-2025-58072 HIGH

DOS Co., Ltd. SS1 <= 16.0.0.10 and SS1 Cloud <= 2.1.3 - Unauthenticated Path Traversal

Previous Page 59 of 366 Next

Details

Vulnerabilities 9,136

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy