Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-22 (对路径名的限制不恰当(路径遍历)) — Vulnerability Class 3352

3352 vulnerabilities classified as CWE-22 (对路径名的限制不恰当(路径遍历)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-8426 Marvell QConvergeConsole compressConfigFiles Directory Traversal Information Disclosure and Denial-of-Service Vulnerability — QConvergeConsole 9.1AICriticalAI2025-07-31
CVE-2014-125125 A10 Networks AX Loadbalancer Path Traversal — AX Series Loadbalancer 9.1AICriticalAI2025-07-31
CVE-2025-8151 HT Mega – Absolute Addons For Elementor <= 2.9.1 - Authenticated (Author+) Path Traversal to Limited Arbitrary CSS File Actions — HT Mega Addons for Elementor – Elementor Widgets & Template Builder 4.3 Medium2025-07-31
CVE-2025-41396 Alfasado PowerCMS 路径遍历漏洞 — PowerCMS 5.4 Medium2025-07-31
CVE-2025-46359 Alfasado PowerCMS 路径遍历漏洞 — PowerCMS 7.2 High2025-07-31
CVE-2025-8343 openviglet shio ShStaticFileAPI.java shStaticFilePreUpload path traversal — shio 4.3 Medium2025-07-31
CVE-2025-54433 Bugsink is vulnerable to Path Traversal attacks via event_id in ingestion — bugsink 8.3AIHighAI2025-07-30
CVE-2025-53081 SAMSUNG DMS 安全漏洞 — Data Management Server 6.4 Medium2025-07-29
CVE-2025-53080 SAMSUNG DMS 安全漏洞 — Data Management Server 7.1 High2025-07-29
CVE-2025-6989 Kallyas <= 4.21.0 - Authenticated (Contributor+) Arbitrary Folder Deletion — KALLYAS - Creative eCommerce Multi-Purpose WordPress Theme 8.1 High2025-07-26
CVE-2025-52452 Salesforce Tableau 安全漏洞 — Tableau Server 7.5 -2025-07-25
CVE-2025-8132 yanyutao0402 ChanCMS utils.js delfile path traversal — ChanCMS 5.4 Medium2025-07-25
CVE-2025-7640 hiWeb Export Posts <= 0.9.0.0 - Cross-Site Request Forgery to Arbitrary File Deletion — hiWeb Export Posts 8.1 High2025-07-24
CVE-2010-10012 httpdASM 0.92 Path Traversal — httpdasm 7.5 -2025-07-23
CVE-2018-25113 Dicoogle PACS Web Server 2.5.0 Unauthenticated Path Traversal — PACS Web Server 7.5 -2025-07-23
CVE-2025-54438 SAMSUNG MagicINFO 9 Server 安全漏洞 — MagicINFO 9 Server 9.8 Critical2025-07-23
CVE-2025-54443 SAMSUNG MagicINFO 9 Server 安全漏洞 — MagicINFO 9 Server 9.8 Critical2025-07-23
CVE-2025-54446 SAMSUNG MagicINFO 9 Server 安全漏洞 — MagicINFO 9 Server 9.8 Critical2025-07-23
CVE-2025-54453 SAMSUNG MagicINFO 9 Server 安全漏洞 — MagicINFO 9 Server 8.8 High2025-07-23
CVE-2025-54450 SAMSUNG MagicINFO 9 Server 安全漏洞 — MagicINFO 9 Server 7.2 High2025-07-23
CVE-2025-8021 Files Bucket Server 安全漏洞 — files-bucket-server 7.5 High2025-07-23
CVE-2025-54141 ViewVC's standalone server exposes arbitrary server filesystem content — viewvc 7.5 High2025-07-22
CVE-2025-54140 pyLoad has Path Traversal Vulnerability in json/upload Endpoint that allows Arbitrary File Write — pyload 7.5 High2025-07-22
CVE-2025-7645 Extensions For CF7 (Contact form 7 Database, Conditional Fields and Redirection) <= 3.2.8 - Unauthenticated Arbitrary File Deletion Triggered via Admin Form Submission Deletion — Extensions For CF7 (Contact form 7 Database, Conditional Fields and Redirection) 8.1 High2025-07-22
CVE-2025-49656 Apache Jena: Administrative users can create files outside the server directory space via the admin UI — Apache Jena 4.9 -2025-07-21
CVE-2025-7896 harry0703 MoneyPrinterTurbo video.py delete_video path traversal — MoneyPrinterTurbo 6.3 Medium2025-07-20
CVE-2015-10136 GI-Media Library < 3.0 - Directory Traversal — GI-Media Library 7.5 High2025-07-19
CVE-2015-10134 Simple Backup <= 2.7.10 - Arbitrary File Download via Path Traversal — Simple Backup 7.5 High2025-07-19
CVE-2025-6233 Arbitrary file read by system admin via path traversal — Mattermost 6.8 Medium2025-07-18
CVE-2025-7643 Attachment Manager <= 2.1.2 - Unauthenticated Arbitrary File Deletion — Attachment Manager 9.1 Critical2025-07-18

Vulnerabilities classified as CWE-22 (对路径名的限制不恰当(路径遍历)) represent 3352 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.