Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-73

CWE-73

High likelihood

External Control of File Name or Path

Parent: CWE-642 - External Control of Critical State Data

The product allows user input to control or influence paths or file names that are used in filesystem operations.

396 vulnerabilities with CWE-73

CVE-2025-6463 HIGH

Incsub Forminator < 1.44.3 - Remote Code Execution

CVE-2025-33117 CRITICAL

IBM QRadar SIEM <7.5.0 Update Package 12 - Privilege Escalation

CVE-2025-36506 MEDIUM

RICOH Streamline NX V3 PC Client <3.242.0 - Path Traversal

CVE-2025-47956 MEDIUM

Windows Security App - Path Traversal

CVE-2025-33053 HIGH KEV

CVE-2025-33053 Exploit via Malicious .URL File and WebDAV

CVE-2025-48067 MEDIUM

OctoPrint <1.11.1 - Info Disclosure

CVE-2025-49138 MEDIUM

HAX CMS PHP <11.0.0 - Local File Inclusion

CVE-2025-48783 HIGH

Soar Cloud HRD <7.3.2025.0408 - Path Traversal

CVE-2025-48781 HIGH

Soar Cloud HRD <7.3.2025.0408 - Path Traversal

CVE-2025-32802 MEDIUM

Kea <2.7.8 - Code Injection

CVE-2025-4603 CRITICAL

eMagicOne Store Manager - Path Traversal

CVE-2025-4602 MEDIUM

eMagicOne Store Manager for WooCommerce <1.2.5 - Info Disclosure

CVE-2025-2409 CRITICAL

ASPECT <3.08.03 - Info Disclosure

CVE-2025-3812 HIGH

WPBot Pro Wordpress Chatbot <13.6.2 - Privilege Escalation

CVE-2025-26646 HIGH

.NET - Path Traversal

CVE-2025-26684 MEDIUM

Microsoft Defender for Endpoint - Privilege Escalation

CVE-2025-3419 HIGH

Eventin plugin <4.0.26 - Info Disclosure

CVE-2025-46762 HIGH

Apache Parquet <1.15.0 - RCE

CVE-2025-1056 MEDIUM

Gee-netics - Privilege Escalation

CVE-2025-43951 CRITICAL

LabVantage <8.8.0.13 HF6 - Path Traversal

CVE-2025-3103 HIGH

CLEVER - HTML5 Radio Player With History - Shoutcast and Icecast - ...

CVE-2025-29709 CRITICAL

SourceCodester Company Website CMS 1.0 - File Upload

CVE-2025-29708 CRITICAL

SourceCodester Company Website CMS 1.0 - File Upload

CVE-2025-0124 LOW

Palo Alto Networks PAN-OS - Auth Bypass

CVE-2025-29819 MEDIUM

Azure Portal Windows Admin Center - Info Disclosure

Previous Page 7 of 16 Next

Details

Vulnerabilities 396

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy