Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,142 vulnerabilities with CWE-22

CVE-2025-30910 HIGH

CM Download Manager <2.9.6 - Path Traversal

CVE-2025-30882 HIGH

JoomSky JS Help Desk <= 2.9.1 - Path Traversal

CVE-2025-30878 HIGH

JoomSky JS Help Desk <= 2.9.2 - Path Traversal

CVE-2025-30793 HIGH

Houzez Property Feed <2.5.4 - Path Traversal

CVE-2025-30594 MEDIUM

NotFound Include URL <0.3.5 - Path Traversal

CVE-2025-2048 MEDIUM

Lana Downloads Manager < 1.10.0 - Authenticated Path Traversal and Arbitrary File Download

CVE-2025-3043 MEDIUM

GuoMinJim PersonManage 1.0 - Path Traversal

CVE-2025-30470 MEDIUM

iPadOS < 18.4 - Path Traversal

CVE-2025-30005 HIGH

Xorcom CompletePBX Arbitrary File Read and Deletion via systemDataFileName

CVE-2025-2292 MEDIUM

Xorcom CompletePBX <= 5.2.35 - Authenticated Path Traversal via Backup and Restore Functionality

CVE-2025-3021 HIGH

e-solutions e-management - Path Traversal

CVE-2025-2917 MEDIUM

ChestnutCMS <1.5.3 - Path Traversal

CVE-2025-27932 HIGH

HGW-BL1500HM <2.002.003 - Path Traversal

CVE-2025-27726 LOW

HGW-BL1500HM <2.002.003 - Path Traversal

CVE-2025-27718 HIGH

HGW-BL1500HM < 002.002.003 - Path Traversal

CVE-2025-27716 MEDIUM

HGW-BL1500HM <2.002.003 - Path Traversal

CVE-2025-2328 HIGH

Contact Form 7 <= 1.3.8.7 - Unauthenticated Arbitrary File Deletion

CVE-2025-2294 CRITICAL

Kubio AI Page Builder <2.5.1 - Local File Inclusion

CVE-2025-30895 HIGH

WpEvently <= 4.2.9 - PHP Local File Inclusion via Path Traversal

CVE-2025-1769 MEDIUM

Product Import Export for WooCommerce - Path Traversal

CVE-2025-1310 MEDIUM

Jobs for WordPress <2.7.11 - Path Traversal

CVE-2025-29789 HIGH

OpenEMR < 7.0.3 - Path Traversal via Load Code Feature

CVE-2025-27837 CRITICAL

Ghostscript < 10.05.0 - Path Traversal via Truncated Path with Invalid UTF-8 Characters

CVE-2025-25371 HIGH

NASA cFS Aquila - Path Traversal in OSAL Module

CVE-2025-30567 HIGH

WordPress WP01 - Path Traversal

Previous Page 77 of 366 Next

Details

Vulnerabilities 9,142

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy