Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,141 vulnerabilities with CWE-22

CVE-2025-50178 MEDIUM

GitForge.jl <0.4.3 - Path Traversal

CVE-2025-52574 HIGH

SysmonElixir <1.0.1 - Info Disclosure

CVE-2025-34040 CRITICAL

Zhiyuan OA Web Application System - Unauthenticated Arbitrary File Upload and Remote Code Execution via wpsAssistServlet

CVE-2025-34031 HIGH

Moodle LMS Jmol plugin <6.1 - Path Traversal

CVE-2025-52562 CRITICAL

ConvoyPanel 3.9.0-rc.3-4.4.0 - Path Traversal & PHP Execution via Locale/Namespace

CVE-2025-23092 HIGH

Mitel OpenScape Accounting Management <V5 R1.1.0 - Path Traversal

CVE-2025-48026 HIGH

Mitel OpenScape Xpressions <V7R1 FR5 HF43 P913 - Path Traversal

CVE-2025-50349 HIGH

PHPGurukul Pre-School Enrollment System Project V1.0 - Path Traversal

CVE-2025-50348 HIGH

PHPGurukul Pre-School Enrollment System Project V1.0 - Path Traversal

CVE-2025-6453 MEDIUM

diyhi bbs 6.8 - Path Traversal via ForumManageAction Add Function dirName Argument

CVE-2025-6218 HIGH KEV

WinRAR < 7.12 - Remote Code Execution via Path Traversal in Archive File Handling

CVE-2025-34023 HIGH

Karel IP Phone IP1211 - Authenticated Path Traversal via CGI Server Page Parameter

CVE-2025-34022 CRITICAL

Selea Targa IP OCR-ANPR - Path Traversal

CVE-2025-45890 CRITICAL

novel-plus < 5.1.0 - Path Traversal via filePath Parameter

CVE-2025-6283 LOW

xataio Xata Agent <0.3.1 - Path Traversal

CVE-2025-6282 MEDIUM

xlang OpenAgents < 2024-11-18 - Path Traversal in create_upload_file Function

CVE-2025-6281 MEDIUM

OpenBMB XAgent <1.0.0 - Path Traversal

CVE-2025-6280 MEDIUM

TransformerOptimus SuperAGI <0.0.14 - Path Traversal

CVE-2025-6278 MEDIUM

upsonic < 0.55.6 - Path Traversal via file.filename Argument

CVE-2025-4661 LOW

Brocade Fabric OS <9.2.2 - Path Traversal

CVE-2025-5981 MEDIUM

osv-scalibr 0.1.3-0.1.7 and 0.1.3-0.2.0 - Arbitrary File Write via Path Traversal in unpack() Function

CVE-2025-50202 HIGH

Lychee 6.6.6-6.6.9 - Path Traversal in SecurePathController

CVE-2025-49879 HIGH

Themezaa Litho <3.0 - Path Traversal

CVE-2025-49415 HIGH

FW Gallery <= 8.0.0 - Path Traversal

CVE-2025-34508 MEDIUM

ZendTo < 6.15-8 - Authenticated Path Traversal via File Dropoff Functionality

Previous Page 68 of 366 Next

Details

Vulnerabilities 9,141

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy