Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-22 (对路径名的限制不恰当(路径遍历)) — Vulnerability Class 3346

3346 vulnerabilities classified as CWE-22 (对路径名的限制不恰当(路径遍历)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-22876 TOA TRIFORA 3 Series 路径遍历漏洞 — Multiple Network Cameras TRIFORA 3 series 6.5 -2026-01-16
CVE-2021-47795 GeoVision Geowebserver 5.3.3 - Local FIle Inclusion — GeoVision Geowebserver 6.2 Medium2026-01-15
CVE-2026-22249 Docmost affected by an Arbitrary File Write via Zip Import Feature (ZipSlip) — docmost 7.1 High2026-01-15
CVE-2025-66292 DPanel has an arbitrary file deletion vulnerability in /api/common/attach/delete interface — dpanel 8.1 High2026-01-15
CVE-2021-47755 Oliver Library Server v5 - Arbitrary File Download — Oliver Library Server 7.5 High2026-01-15
CVE-2025-9142 Local privilege escalation in Harmony SASE Windows Agent — Hramony SASE 7.5 High2026-01-14
CVE-2025-15020 Gotham Block Extra Light <= 1.5.0 - Authenticated (Contributor+) Arbitrary File Read via 'ghostban' Shortcode — Gotham Block Extra Light 6.5 Medium2026-01-14
CVE-2025-14301 Integration Opvius AI for WooCommerce <= 1.3.0 - Unauthenticated Arbitrary File Deletion/Read via Path Traversal — Integration Opvius AI for WooCommerce 9.8 Critical2026-01-14
CVE-2022-50939 e107 CMS v3.2.1 - Upload Restriction Bypass with Path Traversal File Override — e107 CMS 7.2 High2026-01-13
CVE-2022-50932 Kyocera Command Center RX ECOSYS M2035dn - Directory Traversal File Disclosure (Unauthenticated) — Kyocera Command Center RX 7.5 High2026-01-13
CVE-2022-50890 Owlfiles File Manager 12.0.1 - Path Traversal — Owlfiles File Manager 7.5 High2026-01-13
CVE-2021-47751 CuteEditor for PHP 6.6 - Directory Traversal — CuteEditor 7.5 High2026-01-13
CVE-2021-47749 YouPHPTube <= 7.8 - Directory Traversal — YouPHPTube 5.5 Medium2026-01-13
CVE-2026-22871 GuardDog Path Traversal Vulnerability Leads to Arbitrary File Overwrite and RCE — guarddog 9.8AICriticalAI2026-01-13
CVE-2025-58693 Fortinet FortiVoice 路径遍历漏洞 — FortiVoice 5.7 Medium2026-01-13
CVE-2025-9435 Path Traversal — ManageEngine ADManager Plus 5.5 Medium2026-01-13
CVE-2025-68472 MindsDB has improper sanitation of filepath that leads to information disclosure and DOS — mindsdb 8.1 High2026-01-12
CVE-2025-69267 Spectrum directory path traversal — DX NetOps Spectrum 6.5AIMediumAI2026-01-12
CVE-2026-22685 DevToys Path Traversal (“Zip Slip”) Vulnerability in DevToys Extension Installation — DevToys 8.8 High2026-01-10
CVE-2025-61686 React Router has Path Traversal in File Session Storage — react-router 9.1 Critical2026-01-10
CVE-2025-66051 Path traversal in Vivotek IP7137 cameras — IP7137 8.1 -2026-01-09
CVE-2025-69194 Wget2: arbitrary file write via metalink path traversal in gnu wget2 8.8 High2026-01-09
CVE-2019-25295 WP Cost Estimation < 9.660 - Upload Directory Traversal — WP Cost Estimation & Payment Forms Builder 6.5 Medium2026-01-08
CVE-2017-20212 FLIR Thermal Camera F/FC/PT/D 8.0.0.64 Information Disclosure via File Reading — FLIR Thermal Camera F/FC/PT/D 6.2 Medium2026-01-07
CVE-2026-21851 MONAI has Path Traversal (Zip Slip) in NGC Private Bundle Download — MONAI 5.3 Medium2026-01-07
CVE-2025-68705 RustFS Path Traversal Vulnerability — rustfs 6.5 -2026-01-07
CVE-2026-0669 Path Traversal vulnerability in CSS extension on certain web servers — MediaWiki - CSS extension 7.5 -2026-01-07
CVE-2025-13801 Yoco Payments <= 3.9.0 - Unauthenticated Arbitrary File Read — Yoco Payments 7.5 High2026-01-07
CVE-2025-14867 Flashcard Plugin for WordPress <= 0.9 - Authenticated (Contributor+) Arbitrary File Read via Path Traversal — Flashcard Plugin for WordPress 6.5 Medium2026-01-07
CVE-2020-36909 Secure Computing SnapGear Management Console SG560 3.1.5 Arbitrary File Read/Write — SnapGear Management Console SG560 6.5 Medium2026-01-06

Vulnerabilities classified as CWE-22 (对路径名的限制不恰当(路径遍历)) represent 3346 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.