Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-23

CWE-23

Relative Path Traversal

Parent: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.

417 vulnerabilities with CWE-23

CVE-2025-59336 MEDIUM

Luanox < 0.1.1 - Path Traversal and Denial of Service via Malicious Package Name

CVE-2025-55115 HIGH

Control-M/Agent <9.0.20 - Privilege Escalation

CVE-2025-10203 HIGH

Digilent WaveForms < 3.24.3 - Arbitrary Code Execution via Crafted .DWF3WORK File

CVE-2025-58760 HIGH

Tautulli < 2.16.0 - Unauthenticated Path Traversal via Image API Endpoint

CVE-2025-53609 MEDIUM

FortiWeb <7.6.4-7.2.11-7.0.11 - Path Traversal

CVE-2025-58752 MEDIUM

Vite <7.1.5, 7.0.7, 6.3.6, 5.4.20 - Info Disclosure

CVE-2025-25048 MEDIUM

IBM Jazz Foundation <7.0.2-7.1.0 - Privilege Escalation

CVE-2025-55748 HIGH

XWiki Platform <16.10.6 - Info Disclosure

CVE-2025-55747 CRITICAL

XWiki Platform <16.10.6 - Info Disclosure

CVE-2025-9570 MEDIUM

Sunnet eHRD CTMS - Authenticated Arbitrary File Read via Relative Path Traversal

CVE-2025-55202 MEDIUM

Opencast < 17.7 - Relative Path Traversal in UI Config Module

CVE-2025-9639 HIGH

Ai3 QbiCRMGateway 7.5.1-8.5.02 - Unauthenticated Arbitrary File Read via Relative Path Traversal

CVE-2025-8464 MEDIUM

Contact Form 7 <1.3.9.0 - Path Traversal

CVE-2025-53779 HIGH

Windows Kerberos - Privilege Escalation

CVE-2025-55013 MEDIUM

Assemblyline 4 <4.6.1.dev138 - Path Traversal

CVE-2025-51052 MEDIUM

Vedo Suite <2024.17 - Path Traversal

CVE-2025-53082 MEDIUM

Samsung Data Management Server Firmware 2.0.0-2.3.13.1 - Arbitrary File Deletion via Relative Path Traversal

CVE-2025-54531 HIGH

JetBrains TeamCity < 2025.07 - Path Traversal via Plugin Unpacking on Windows

CVE-2025-54317 HIGH

Logpoint < 7.6.0 - Authenticated Remote Code Execution via Layout Template Path Traversal

CVE-2025-46002 MEDIUM

simogeo filemanager <= 2.5.0 - Directory Traversal via filemanager.php Endpoint

CVE-2025-7619 HIGH

BatchSignCS < 3.318 - Arbitrary File Write via Malicious Website

CVE-2025-48817 HIGH

Remote Desktop Client - Path Traversal

CVE-2025-7146 HIGH

iPublish System - Unauthenticated Arbitrary File Read via Relative Path Traversal

CVE-2025-52207 CRITICAL

MikoPBX <2024.1.114 - Code Injection

CVE-2025-44163 MEDIUM

raspap-webgui < 3.3.6 - Authenticated Directory Traversal and Arbitrary File Write via Entity Parameter

Previous Page 5 of 17 Next

Details

Vulnerabilities 417

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy