Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,141 vulnerabilities with CWE-22

CVE-2025-37098 HIGH

HPE Insight Remote Support < 7.15.0.646 - Path Traversal

CVE-2025-34058 HIGH

Hikvision Streaming Media Management Server v2.3.5 - Info Disclosure

CVE-2025-6925 MEDIUM

Dromara RuoYi-Vue-Plus 5.4.0 - Path Traversal via MailController filePath Argument

CVE-2025-6866 MEDIUM

code-projects Simple Forum 1.0 - Path Traversal

CVE-2025-6855 MEDIUM

Langchain-Chatchat <0.3.1 - Path Traversal

CVE-2025-6854 MEDIUM

Langchain-Chatchat <0.3.1 - Path Traversal

CVE-2025-6853 MEDIUM

Langchain-Chatchat <0.3.1 - Path Traversal

CVE-2025-6755 HIGH

Game Users Share Buttons <= 1.3.0 - Arbitrary File Deletion via ajaxDeleteTheme themeNameId Parameter

CVE-2025-6379 HIGH

BeeTeam368 Extensions Pro < 2.3.4 - Authenticated Path Traversal via handle_live_fn()

CVE-2025-6776 HIGH

xiaoyunjie openvpn-cms-flask < 1.2.8 - Path Traversal via Image Upload Parameter

CVE-2025-6774 MEDIUM

gooaclok819 sublinkX <1.8 - Path Traversal

CVE-2025-6773 MEDIUM

HKUDS LightRAG < 1.3.8 - Path Traversal via File Upload

CVE-2025-6772 HIGH

db-gpt < 0.7.2 - Path Traversal via Flow Import File Argument

CVE-2025-53298 MEDIUM

gioni Plugin Inspector <1.5 - Path Traversal

CVE-2025-49448 HIGH

Fastw3b LLC FW Food Menu <6.0.0 - Path Traversal

CVE-2025-24765 HIGH

RobMarsh Image Shadow <1.1.0 - Path Traversal

CVE-2025-6731 MEDIUM

yzcheng90 X-SpringBoot <5.0 - Path Traversal

CVE-2025-50350 MEDIUM

PHPGurukul Pre-School Enrollment System Project <v1.0 - Path Traversal

CVE-2025-34048 HIGH

D-Link DSL-2730U/2750U/2750E - Path Traversal

CVE-2025-34047 HIGH

Leadsec SSL VPN - Unauthenticated Path Traversal and Arbitrary File Read via ostype Parameter

CVE-2025-34045 HIGH

WeiPHP 5.0 - Unauthenticated Path Traversal and Arbitrary File Read via Material Download Endpoint

CVE-2025-3722 MEDIUM

System Information Reporter <1.0.3 - Path Traversal

CVE-2025-6445 HIGH

ServiceStack < 8.6 - Remote Code Execution via FindType Path Traversal

CVE-2025-52569 MEDIUM

GitForge.jl <5.9.1 - Path Traversal

CVE-2025-49153 CRITICAL

Microsens NMP Web+ < Version 3.2.5 - Unauthenticated Path Traversal and Arbitrary File Write

Previous Page 67 of 366 Next

Details

Vulnerabilities 9,141

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy