CWE-22 (Improper Limitation of a Pathname (Path Traversal)) — Vulnerability Class 3334

3334 vulnerabilities classified as CWE-22 (Improper Limitation of a Pathname (Path Traversal)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-55201 | Copier safe template has arbitrary filesystem read/write access — copier | 9.8 (AI) | Critical (AI) | 2025-08-18 |
| CVE-2025-3671 | WPGYM - Wordpress Gym Management System <= 67.7.0 - Authenticated (Subscriber+) Local File Inclusion to Privilege Escalation via Password Update — WPGYM - Wordpress Gym Management System | 8.8 | High | 2025-08-16 |
| CVE-2025-7641 | Assistant for NextGEN Gallery <= 1.0.9 - Unauthenticated Arbitrary Directory Deletion — Assistant for NextGEN Gallery | 7.5 | High | 2025-08-15 |
| CVE-2025-54715 | WordPress Barcode Scanner with Inventory & Order Manager Plugin <= 1.9.0 - Arbitrary File Download Vulnerability — Barcode Scanner with Inventory & Order Manager | 4.9 | Medium | 2025-08-14 |
| CVE-2025-34154 | UnForm Server Manager < 10.1.12 Unauthenticated Arbitrary File Read — UnForm Server Manager | 8.6 (AI) | High (AI) | 2025-08-13 |
| CVE-2011-10009 | S40 CMS 0.4.2 Path Traversal — S40 CMS | 7.5 (AI) | High (AI) | 2025-08-13 |
| CVE-2011-10010 | QuickShare File Server 1.2.1 Path Traversal RCE — QuickShare File Server | 7.5 (AI) | High (AI) | 2025-08-13 |
| CVE-2025-23304 | NVIDIA NeMo library path traversal vulnerability — NVIDIA NeMo Framework | 7.8 | High | 2025-08-13 |
| CVE-2025-8941 | Linux-pam: incomplete fix for cve-2025-6020 | 7.8 | High | 2025-08-13 |
| CVE-2025-0818 | Multiple elFinder Plugins <= (Various Versions) - Directory Traversal to Arbitrary File Deletion — File Manager Pro – Filester | 6.5 | Medium | 2025-08-13 |
| CVE-2024-52964 | Fortinet FortiManager and Fortinet FortiManager Cloud path traversal vulnerability — FortiManager | 5.2 | Medium | 2025-08-12 |
| CVE-2025-49559 | Adobe Commerce \| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) — Adobe Commerce | 5.3 | Medium | 2025-08-12 |
| CVE-2025-55011 | Kanboard Path Traversal in File Write via Task File Upload Api — kanboard | 6.4 | Medium | 2025-08-12 |
| CVE-2025-8081 | Elementor <= 3.30.2 - Authenticated (Administrator+) Arbitrary File Read via Image Import — Elementor Website Builder – more than just a page builder | 4.9 | Medium | 2025-08-12 |
| CVE-2025-5391 | WooCommerce Purchase Orders <= 1.0.2 - Authenticated (Subscriber+) Arbitrary File Deletion — Purchase Orders for WooCommerce | 8.1 | High | 2025-08-12 |
| CVE-2025-42946 | Directory Traversal vulnerability in SAP S/4HANA (Bank Communication Management) — SAP S/4HANA (Bank Communication Management) | 6.9 | Medium | 2025-08-12 |
| CVE-2025-8815 | 猫宁i Morning Shiro Configuration index path traversal — Morning | 7.3 | High | 2025-08-10 |
| CVE-2025-8753 | linlinjava litemall File delete path traversal — litemall | 5.4 | Medium | 2025-08-09 |
| CVE-2025-55149 | Path Traversal Vulnerability in PDF Review Function (CWE-22) — tiny-scientist | 7.5 | - | 2025-08-09 |
| CVE-2012-10048 | Zenoss 3.x showDaemonXMLConfig Command Execution — Zenoss Core | 8.8 | - | 2025-08-08 |
| CVE-2025-8356 | Path Traversal leading to RCE — FreeFlow Core | 9.8 | Critical | 2025-08-08 |
| CVE-2025-8729 | MigoXLab LMeterX upload_service.py process_cert_files path traversal — LMeterX | 6.3 | Medium | 2025-08-08 |
| CVE-2025-8749 | Path traversal vulnerability in MiR robot software via API requests — MiR Robots | 6.5 | Medium | 2025-08-08 |
| CVE-2025-54959 | Mubit Powered BLUE 870 path traversal vulnerability — Powered BLUE 870 | 7.5 | - | 2025-08-08 |
| CVE-2025-29865 | TAGFREE X‑Free Uploader security vulnerability — X-Free Uploader | 6.5 (AI) | Medium (AI) | 2025-08-07 |
| CVE-2025-48394 | Eaton Rack PDU G4 security vulnerability — G4 PDU | 4.7 | Medium | 2025-08-06 |
| CVE-2025-54653 | Huawei HarmonyOS security vulnerability — HarmonyOS | 8.4 | High | 2025-08-06 |
| CVE-2025-54652 | Huawei HarmonyOS security vulnerability — HarmonyOS | 8.4 | High | 2025-08-06 |
| CVE-2012-10024 | XBMC ≤ 11.0 Web Server Path Traversal — Media Center | 7.7 (AI) | High (AI) | 2025-08-05 |
| CVE-2012-10034 | ClanSphere 2011.3 Local File Inclusion via cs_lang Cookie — ClanSphere | 7.5 (AI) | High (AI) | 2025-08-05 |

Vulnerabilities classified as CWE-22 (Improper Limitation of a Pathname (Path Traversal)) represent 3334 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.