CWE-22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')) — Vulnerability Class 3341

3341 vulnerabilities classified as CWE-22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-6152 | Steel Browser files.routes.ts handleFileUpload path traversal — Browser | 6.3 | Medium | 2025-06-17 |
| CVE-2025-32799 | Conda-build Vulnerable to Path Traversal via Malicious Tar File — conda-build | 9.8 (AI) | Critical (AI) | 2025-06-16 |
| CVE-2025-3594 | Liferay Portal and Liferay DXP Path Traversal Vulnerability — Portal | 9.8 (AI) | Critical (AI) | 2025-06-16 |
| CVE-2025-4748 | Absolute path traversal in zip:unzip/1,2 — OTP | 9.1 (AI) | Critical (AI) | 2025-06-16 |
| CVE-2025-6109 | javahongxi whatsmars InitializrController.java initialize path traversal — whatsmars | 4.3 | Medium | 2025-06-16 |
| CVE-2025-6108 | hansonwang99 Spring-Boot-In-Action File Upload ImageUploadService.java watermarkTest path traversal — Spring-Boot-In-Action | 6.3 | Medium | 2025-06-16 |
| CVE-2025-5964 | Path traversal in M-Files API — M-Files Server | 6.5 (AI) | Medium (AI) | 2025-06-15 |
| CVE-2025-6070 | Restrict File Access <= 1.1.2 - Authenticated (Subscriber+) Arbitrary File Read — Restrict File Access | 6.5 | Medium | 2025-06-14 |
| CVE-2025-4187 | UserPro - Community and User Profile WordPress Plugin <= 5.1.10 - Unauthenticated Arbitrary File Read — UserPro - Community and User Profile WordPress Plugin | 5.9 | Medium | 2025-06-14 |
| CVE-2025-6065 | Image Resizer On The Fly <= 1.1 - Unauthenticated Arbitrary File Deletion — Image Resizer On The Fly | 9.1 | Critical | 2025-06-14 |
| CVE-2025-46783 | RICOH Streamline NX V3 PC Client Path Traversal Vulnerability — RICOH Streamline NX V3 PC Client | 7.8 (AI) | High (AI) | 2025-06-13 |
| CVE-2025-40592 | Mendix Studio Pro Path Traversal Vulnerability — Mendix Studio Pro 10 | 6.1 | Medium | 2025-06-12 |
| CVE-2025-5741 | Schneider Electric EVLink WallBox Path Traversal Vulnerability — EVLink WallBox | 4.9 | Medium | 2025-06-10 |
| CVE-2025-5740 | Schneider Electric EVLink WallBox Path Traversal Vulnerability — EVLink WallBox | 7.2 | High | 2025-06-10 |
| CVE-2025-42977 | Directory Traversal vulnerability in SAP NetWeaver Visual Composer — SAP NetWeaver Visual Composer | 7.6 | High | 2025-06-10 |
| CVE-2025-49138 | HAX CMS vulnerable to Local File Inclusion via saveOutline API Location Parameter — issues | 6.5 | Medium | 2025-06-09 |
| CVE-2025-31050 | WordPress Apptha Slider Gallery plugin <= 2.5 - Arbitrary File Read vulnerability — Apptha Slider Gallery | 7.5 | High | 2025-06-09 |
| CVE-2025-31635 | WordPress CLEVER plugin <= 2.6.2 - Arbitrary File Download vulnerability — CLEVER | 7.5 | High | 2025-06-09 |
| CVE-2025-39473 | WordPress Seofy Core plugin <= 1.6.8 - Local File Inclusion Vulnerability — Seofy Core | 8.1 | High | 2025-06-09 |
| CVE-2025-47511 | WordPress Welcart e-Commerce plugin <= 2.11.13 - Arbitrary File Deletion Vulnerability — Welcart e-Commerce | 6.8 | Medium | 2025-06-09 |
| CVE-2025-48124 | WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light plugin <= 2.4.37 - Arbitrary File Download Vulnerability — Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light | 7.5 | High | 2025-06-09 |
| CVE-2025-48130 | WordPress Spice Blocks plugin <= 2.0.7.4 - Arbitrary File Download vulnerability — Spice Blocks | 7.5 | High | 2025-06-09 |
| CVE-2025-48267 | WordPress WP Pipes plugin <= 1.4.2 - Arbitrary File Deletion Vulnerability — WP Pipes | 8.6 | High | 2025-06-09 |
| CVE-2025-5880 | Whistle get-temp-file path traversal — Whistle | 4.3 | Medium | 2025-06-09 |
| CVE-2025-3485 | Allegra extractFileFromZip Directory Traversal Remote Code Execution Vulnerability — Allegra | 8.8 (AI) | High (AI) | 2025-06-06 |
| CVE-2025-33035 | File Station 5 — File Station 5 | 6.5 (AI) | Medium (AI) | 2025-06-06 |
| CVE-2025-5714 | SoluçõesCoop iSoluçõesWEB Profile Information Update up.upload.php path traversal — iSoluçõesWEB | 4.3 | Medium | 2025-06-06 |
| CVE-2025-3055 | WP User Frontend Pro <= 4.1.3 - Authenticated (Subscriber+) Arbitrary File Deletion — WP User Frontend Pro | 8.1 | High | 2025-06-05 |
| CVE-2025-20259 | Cisco ThousandEyes Endpoint Agent for Windows Arbitrary File Write Vulnerability — Cisco ThousandEyes Endpoint Agent | 5.3 | Medium | 2025-06-04 |
| CVE-2025-20277 | Cisco Unified Contact Center Express Path Traversal Vulnerability — Cisco Unified Contact Center Express | 3.4 | Low | 2025-06-04 |

Vulnerabilities classified as CWE-22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')) represent 3341 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.