Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,140 vulnerabilities with CWE-22

CVE-2025-42946 MEDIUM

SAP S/4HANA (Bank Communication Management) - Path Traversal

CVE-2025-25231 HIGH

Omnissa Workspace ONE UEM - Path Traversal

CVE-2025-8815 HIGH

Morning - Path Traversal in Shiro Configuration

CVE-2025-8753 MEDIUM

linlinjava litemall < 1.8.0 - Path Traversal via /admin/storage/delete Key Parameter

CVE-2025-55149 MEDIUM

Tiny-Scientist <0.1.1 - Path Traversal

CVE-2025-52913 CRITICAL

Mitel MiCollab <9.8.2.12 - Path Traversal

CVE-2025-8356 CRITICAL

Xerox FreeFlow Core 8.0.4 - Path Traversal and Remote Code Execution

CVE-2025-8729 MEDIUM

MigoXLab LMeterX 1.2.0 - Path Traversal via Task ID Manipulation

CVE-2025-8749 MEDIUM

Mobile Industrial Robots <3.0.0 - Path Traversal

CVE-2025-54959 MEDIUM

Powered BLUE Server <0.20130927 - Path Traversal

CVE-2025-29865 HIGH

TAGFREE X-Free Uploader <1.0.1.0085 - Path Traversal

CVE-2025-48394 MEDIUM

Eaton G4 PDU < 3.5.0 - Authenticated Path Traversal via CLI Limited Shell

CVE-2025-21015 MEDIUM

Document scanner <SMR Aug-2025 Release 1 - Path Traversal

CVE-2025-54653 HIGH

HarmonyOS - Path Traversal in Virtualization File Module

CVE-2025-54652 HIGH

HarmonyOS - Path Traversal in Virtualization Base Module

CVE-2025-54802 CRITICAL

pyload-ng < 0.5.0b3.dev90 - Unauthenticated Path Traversal and Arbitrary File Write via CNL Blueprint Package Parameter

CVE-2025-54794 CRITICAL

Claude Code < 0.2.111 - Path Traversal via Prefix Matching Bypass

CVE-2025-54387 CRITICAL

unjs/ipx <1.3.2, 2.0.0-2.1.0, 3.0.0-3.1.0 - Path Traversal via Path Prefix Bypass

CVE-2025-8522 MEDIUM

vvvebjs < 2.0.4 - Path Traversal via File Argument in save.php

CVE-2025-8516 MEDIUM

Kingdee Cloud-Starry-Sky Enterprise Edition <8.2 - Path Traversal

CVE-2025-7694 MEDIUM

Woffice Core <5.4.26 - Privilege Escalation

CVE-2025-54386 CRITICAL

Traefik <2.11.7, 2.11.27, 3.0.0-3.4.4, 3.5.0-rc1 - Path Traversal & RCE via WASM Plugin

CVE-2025-8480 HIGH

Alpine iLX-507 Firmware - Unauthenticated Remote Code Execution via Tidal Music Streaming Application

CVE-2025-8433 MEDIUM

code-projects Document Management System 1.0 - Path Traversal via ID Argument in dell.php

CVE-2025-8426 CRITICAL

Marvell QConvergeConsole - Unauthenticated Path Traversal and Denial of Service via compressConfigFiles

Previous Page 62 of 366 Next

Details

Vulnerabilities 9,140

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy