Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,142 vulnerabilities with CWE-22

CVE-2025-5741 MEDIUM

Charging Station < - Path Traversal

CVE-2025-5740 HIGH

Web Server <version> - Path Traversal

CVE-2025-42977 HIGH

SAP NetWeaver Visual Composer - Path Traversal

CVE-2025-49138 MEDIUM

HAX CMS PHP <11.0.0 - Local File Inclusion

CVE-2025-48267 HIGH

ThimPress WP Pipes <1.4.2 - Path Traversal

CVE-2025-48130 HIGH

Spice Blocks <2.0.7.2 - Path Traversal

CVE-2025-48124 HIGH

Holest Engineering Spreadsheet Price Changer <2.4.37 - Path Traversal

CVE-2025-47511 MEDIUM

Welcart e-Commerce <= 2.11.13 - Path Traversal

CVE-2025-39473 HIGH

WebGeniusLab Seofy Core <1.4.5 - Path Traversal

CVE-2025-31635 HIGH

LambertGroup CLEVER <2.6 - Path Traversal

CVE-2025-31050 HIGH

Apptha Slider Gallery <2.5 - Path Traversal

CVE-2025-5880 MEDIUM

Whistle 2.9.98 - Path Traversal via /cgi-bin/sessions/get-temp-file filename Parameter

CVE-2025-3485 HIGH

Allegra < 8.1.2 - Authenticated Path Traversal and Remote Code Execution via extractFileFromZip

CVE-2025-33035 MEDIUM

File Station 5 <5.5.6.4847 - Path Traversal

CVE-2025-5714 MEDIUM

Isolucoesweb Solucoescoop < 2025-05-16 - Path Traversal

CVE-2025-3055 HIGH

WP User Frontend Pro <4.1.3 - Privilege Escalation

CVE-2025-20277 LOW

Cisco Unified CCX - Authenticated RCE

CVE-2025-20259 MEDIUM

Cisco ThousandEyes Endpoint Agent for Windows - Local File Deletion

CVE-2025-5545 MEDIUM

aaluoxiang oa_system - Path Traversal

CVE-2025-5544 MEDIUM

aaluoxiang oa_system - Path Traversal in UserpanelController Image Function

CVE-2025-5509 MEDIUM

quequnlong shiyi-blog <1.2.1 - Path Traversal

CVE-2025-4517 CRITICAL

Python <3.14 - Path Traversal

CVE-2025-4330 HIGH

CPython Path Traversal via TarFile Extraction Filter Bypass

CVE-2025-4138 HIGH

CPython Path Traversal via TarFile Extraction Filter Bypass

CVE-2025-31359 HIGH

Parallels Desktop for Mac 20.2.2 - Path Traversal and Arbitrary File Write via PVMP Package Unpacking

Previous Page 70 of 366 Next

Details

Vulnerabilities 9,142

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy