
CWE-22 (Improper Limitation of a Pathname (Path Traversal)) — Vulnerability Class 3352

3352 vulnerabilities classified as CWE-22 (Improper Limitation of a Pathname (Path Traversal)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-12422 | Vulnerable Upgrade Feature (Arbitrary File Write) — BLU-IC2 | 8.8 (AI) | High (AI) | 2025-10-28 |
| CVE-2025-62725 | Docker Compose Vulnerable to Path Traversal via OCI Artifact Layer Annotations — compose | 9.8 (AI) | Critical (AI) | 2025-10-27 |
| CVE-2025-12250 | OpenWGA TMLScript API WGA.File path traversal — OpenWGA | 4.7 | Medium | 2025-10-27 |
| CVE-2025-12055 | Unauthenticated Local File Disclosure in MPDV Mikrolab MIP 2 / FEDRA 2 / HYDRA X Manufacturing Execution System — MIP 2 | 7.5 (AI) | High (AI) | 2025-10-27 |
| CVE-2025-12203 | givanz Vvveb Code Editor functions.php sanitizeFileName path traversal — Vvveb | 6.3 | Medium | 2025-10-27 |
| CVE-2025-10488 | Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings <= 8.4.8 - Authenticated (Subscriber+) Arbitrary File Move — Directorist: AI-Powered Business Directory, Listings & Classified Ads | 8.1 | High | 2025-10-25 |
| CVE-2025-62254 | Liferay Portal and Liferay DXP Path Traversal Vulnerability — Portal | 7.5 (AI) | High (AI) | 2025-10-23 |
| CVE-2025-41073 | Path Traversal in Gandia Integra Total by TESI — Gandia Integra Total | 6.5 (AI) | Medium (AI) | 2025-10-23 |
| CVE-2025-60227 | WordPress WP Pipes plugin <= 1.4.3 - Arbitrary File Deletion vulnerability — WP Pipes | 8.6 | High | 2025-10-22 |
| CVE-2025-60217 | WordPress PT Luxa Addons Plugin <= 1.2.2 - Arbitrary File Deletion Vulnerability — PT Luxa Addons | 7.7 | High | 2025-10-22 |
| CVE-2025-59566 | WordPress Workreap (theme's plugin) plugin <= 3.3.5 - Arbitrary File Deletion vulnerability — Workreap (theme's plugin) | 7.7 | High | 2025-10-22 |
| CVE-2025-58959 | WordPress Taskbot plugin <= 6.4 - Arbitrary File Deletion vulnerability — Taskbot | 7.7 | High | 2025-10-22 |
| CVE-2025-62522 | vite allows server.fs.deny bypass via backslash on Windows — vite | 7.5 (AI) | High (AI) | 2025-10-20 |
| CVE-2025-3465 | Path Traversal Vulnerability — CoreSense™ HM | 7.1 | High | 2025-10-20 |
| CVE-2025-11941 | e107 CMS Avatar image.php path traversal — CMS | 5.4 | Medium | 2025-10-19 |
| CVE-2025-11939 | ChurchCRM Backup Restore RestoreJob.php path traversal — ChurchCRM | 4.7 | Medium | 2025-10-19 |
| CVE-2025-11914 | Shenzhen Ruiming Technology Streamax Crocus DeviceFileReport.do download path traversal — Streamax Crocus | 4.3 | Medium | 2025-10-17 |
| CVE-2025-11913 | Shenzhen Ruiming Technology Streamax Crocus Service.do download path traversal — Streamax Crocus | 4.3 | Medium | 2025-10-17 |
| CVE-2025-62424 | ClipBucket path traversal vulnerability in template editor allows arbitrary file read and write — clipbucket-v5 | 6.7 | Medium | 2025-10-17 |
| CVE-2025-62356 | Qodo Gen Security Vulnerability — Qodo Gen | 7.5 | High | 2025-10-17 |
| CVE-2025-62353 | Windsurf Security Vulnerability — Windsurf | 9.8 | Critical | 2025-10-17 |
| CVE-2025-11849 | Mammoth Security Vulnerability — mammoth | 9.3 | Critical | 2025-10-17 |
| CVE-2025-34517 | Ilevia EVE X1 Server 4.7.18.0.eden Absolute Path Traversal — EVE X1 Server | 7.5 (AI) | High (AI) | 2025-10-16 |
| CVE-2025-34518 | Ilevia EVE X1 Server 4.7.18.0.eden Relative Path Traversal — EVE X1 Server | 7.5 (AI) | High (AI) | 2025-10-16 |
| CVE-2025-61923 | PrestaShop Checkout Backoffice directory traversal allows arbitrary file disclosure — ps_checkout | 4.1 | Medium | 2025-10-16 |
| CVE-2025-11842 | Shazwazza Smidge Bundle path traversal — Smidge | 6.3 | Medium | 2025-10-16 |
| CVE-2025-53951 | Fortinet FortiDLP Path Traversal Vulnerability — FortiDLP | 4.9 | Medium | 2025-10-16 |
| CVE-2025-54658 | Fortinet FortiDLP Path Traversal Vulnerability — FortiDLP | 7.2 | High | 2025-10-16 |
| CVE-2025-54755 | BIG-IP Configuration utility vulnerability — BIG-IP | 4.9 | Medium | 2025-10-15 |
| CVE-2025-61941 | BUFFALO WXR9300BE6P Series Path Traversal Vulnerability — WXR9300BE6P series | 7.2 (AI) | High (AI) | 2025-10-15 |

Vulnerabilities classified as CWE-22 (Improper Limitation of a Pathname (Path Traversal)) represent 3352 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.