Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-73

CWE-73

High likelihood

External Control of File Name or Path

Parent: CWE-642 - External Control of Critical State Data

The product allows user input to control or influence paths or file names that are used in filesystem operations.

449 vulnerabilities with CWE-73

CVE-2025-29708 CRITICAL

SourceCodester Company Website CMS 1.0 - File Upload

CVE-2025-0124 LOW

Palo Alto Networks PAN-OS - Auth Bypass

CVE-2025-29819 MEDIUM

Azure Portal Windows Admin Center - Info Disclosure

CVE-2025-3431 HIGH

ZoomSounds - WordPress Wave Audio Player with Playlist <6.91 - Info...

CVE-2025-2004 CRITICAL

Simple WP Events <1.8.17 - Path Traversal

CVE-2025-3033 HIGH

Firefox < 137.0 - Arbitrary File Upload via Malicious .url Shortcut

CVE-2025-2982 MEDIUM

Legrand SMS PowerView 1.x - File Inclusion

CVE-2025-1911 LOW

Product Import Export for WooCommerce - Product CSV Suite <2.5.0 - ...

CVE-2025-27147 HIGH

GLPI Inventory Plugin <1.5.0 - Privilege Escalation

CVE-2025-1972 LOW

WordPress <2.6.2 - Privilege Escalation

CVE-2025-0452 HIGH

eosphoros-ai/DB-GPT - Privilege Escalation

CVE-2025-29930 MEDIUM

imFAQ <1.0.1 - Local File Inclusion

CVE-2025-24996 MEDIUM

Windows 10 1507-24H2 and Windows Server 2008-2012 - Unauthenticated Spoofing via NTLM File Path Control

CVE-2025-24054 MEDIUM KEV

Windows 10 1507-22H2 and Windows 11 22H2 - Unauthenticated Spoofing via NTLM File Path Control

CVE-2025-1730 MEDIUM

Simple Download Counter <2.0 - Info Disclosure

CVE-2025-25478 MEDIUM

syspass 3.2.0-3.2.10 - Source Code Disclosure via Account File Upload Filename Mismanagement

CVE-2025-25761 HIGH

HkCms <2.3.2.240702 - Code Injection

CVE-2025-1686 MEDIUM

io.pebbletemplates:pebble - Path Traversal

CVE-2025-27137 MEDIUM

Dependency-Track <4.12.6 - Code Injection

CVE-2025-0111 MEDIUM KEV

Palo Alto Networks PAN-OS - Info Disclosure

CVE-2025-0109 MEDIUM

Palo Alto Networks PAN-OS - Unauthenticated File Deletion

CVE-2025-21377 MEDIUM

NTLM Hash Disclosure Spoofing - Info Disclosure

CVE-2025-0630 MEDIUM

Western Telematic - Local File Inclusion

CVE-2025-0851 CRITICAL

Ai.djl API < 0.31.1 - Path Traversal

CVE-2025-0105 CRITICAL

Palo Alto Networks Expedition - Info Disclosure

Previous Page 10 of 18 Next

Details

Vulnerabilities 449

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy