Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-23

CWE-23

Relative Path Traversal

Parent: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.

417 vulnerabilities with CWE-23

CVE-2025-66386 MEDIUM

MISP < 2.5.27 - Authenticated Path Traversal in EventReport Picture View

CVE-2025-40605 MEDIUM

SonicWall Email Security Appliance Firmware < 10.0.33.8195 - Path Traversal via Directory Traversal Sequences

CVE-2025-64757 LOW

Astro < 5.14.3 - Unauthenticated Arbitrary Local File Read via Image Optimization Endpoint

CVE-2025-13199 MEDIUM

Email Logging Interface 2.0 - Path Traversal via Username Argument

CVE-2025-64446 CRITICAL KEV

Fortinet FortiWeb unauthenticated RCE

CVE-2025-13161 HIGH

IQ-Support - Unauthenticated Arbitrary File Read via Relative Path Traversal

CVE-2025-64714 MEDIUM

PrivateBin 1.7.7-2.0.3 - Unauthenticated Local File Inclusion via Template Cookie

CVE-2025-58464 HIGH

QuMagie >= 2.7.0 < 2.7.3 - Relative Path Traversal

CVE-2025-58463 MEDIUM

Download Station <5.10.0.304-5.10.0.305 - Path Traversal

CVE-2025-46363 MEDIUM

Dell Secure Connect Gateway <5.30.00.00 - Path Traversal

CVE-2025-55752 HIGH

Apache Tomcat 8.5.6-8.5.100, 9.0.0.M11-9.0.108, 10.1.0-M1-10.1.44, 11.0.0-M1-11.0.10 - RCE via URI Rewrite Bypass

CVE-2025-60023 MEDIUM

Productivity Suite <4.4.1.19 - Path Traversal

CVE-2025-59776 MEDIUM

Productivity Suite <4.4.1.19 - Path Traversal

CVE-2025-58429 HIGH

Productivity Suite <4.4.1.19 - Path Traversal

CVE-2025-62498 HIGH

Productivity Suite <4.4.1.19 - Path Traversal

CVE-2025-58456 MEDIUM

Productivity Suite <4.4.1.19 - Path Traversal

CVE-2025-58078 HIGH

Productivity Suite <4.4.1.19 - Path Traversal

CVE-2025-11898 HIGH

Agentflow - Unauthenticated Arbitrary File Read via Relative Path Traversal

CVE-2025-10249 MEDIUM

Slider Revolution <6.7.37 - Privilege Escalation

CVE-2025-62187 LOW

Anki < 25.02.6 - Path Traversal and Arbitrary File Write via Crafted Sound File References

CVE-2025-59835 HIGH

LangBot <4.3.5 - Privilege Escalation

CVE-2025-59682 LOW

Django 4.2-4.2.24, 5.1-5.1.12, 5.2-5.2.6 - Relative Path Traversal via Archive Extraction

CVE-2025-60020 MEDIUM

NNCP < 8.12.0 - Path Traversal via Crafted Packet Data

CVE-2025-59341 HIGH

esm.sh <= 136 - Local File Inclusion via URL Handling

CVE-2025-59456 MEDIUM

JetBrains TeamCity < 2025.07.2 - Path Traversal via Project Archive Upload

Previous Page 4 of 17 Next

Details

Vulnerabilities 417

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy