Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-706

CWE-706

Use of Incorrectly-Resolved Name or Reference

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product uses a name or reference to access a resource, but the name/reference resolves to a resource that is outside of the intended control sphere.

105 vulnerabilities with CWE-706

CVE-2025-30870 HIGH

WP Travel Engine <6.3.5 - Code Injection

CVE-2025-30849 HIGH

g5theme Essential Real Estate <5.2.0 - Code Injection

CVE-2025-29914 MEDIUM

OWASP Coraza WAF <3.3.3 - Info Disclosure

CVE-2025-24813 CRITICAL KEV

Tomcat Partial PUT Java Deserialization

CVE-2025-24733 MEDIUM

AddonMaster Post Grid Master <3.4.12 - Code Injection

CVE-2024-57785 MEDIUM

Zenitel AlphaWeb XE 11.2.3.10 - Local File Inclusion

CVE-2024-55058 MEDIUM

PHPGurukul Online Birth Certificate System v1.0 - IDOR

CVE-2024-53739 HIGH

Cool Plugins Cryptocurrency Widgets For Elementor <1.6.4 - Code Inj...

CVE-2024-52515 MEDIUM

Nextcloud Server <27.1.10,28.0.6,29.0.1 - Path Traversal

CVE-2024-51746 LOW

Gitsign - Info Disclosure

CVE-2024-45305 LOW

gix-path - Info Disclosure

CVE-2024-35198 CRITICAL

TorchServe - Path Traversal

CVE-2024-4887 HIGH

Qi Addons For Elementor <1.7.2 - RCE

CVE-2024-37150 HIGH

Deno - Information Disclosure

CVE-2024-36383 MEDIUM

Logpoint <6.0.3 - Info Disclosure

CVE-2024-27292 HIGH

Docassemble - Local File Inclusion

CVE-2024-27295 HIGH

Directus <10.8.3 - Info Disclosure

CVE-2023-42125 HIGH

Avast Premium Security - Symlink Following

CVE-2023-42451 HIGH

Mastodon <3.5.14, <4.0.10, <4.1.8, <4.2.0-rc2 - Open Redirect

CVE-2023-34092 HIGH

Vite <2.9.16, 3.2.7, 4.0.5, 4.1.5, 4.2.3, 4.3.9 - Auth Bypass

CVE-2023-31814 CRITICAL

D-Link DIR-300 - Path Traversal

CVE-2023-28643 MEDIUM

Nextcloud <25.0.3, <24.0.9 - Info Disclosure

CVE-2023-28628 MEDIUM

lambdaisland/uri <1.14.120 - Info Disclosure

CVE-2023-27561 HIGH

runc <1.1.4 - Privilege Escalation

CVE-2022-30258 CRITICAL

Technitium DNS Server <8.0.2 - Info Disclosure

Previous Page 2 of 5 Next

Details

Vulnerabilities 105

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy