CWE-22 (Improper Limitation of a Pathname (Path Traversal)) — Vulnerability Class 3353

3353 vulnerabilities classified as CWE-22 (Improper Limitation of a Pathname (Path Traversal)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2025-5014 | Home Villas \| Real Estate WordPress Theme <= 2.8 - Authenticated (Subscriber+) Arbitrary File Deletion — Home Villas \| Real Estate WordPress Theme | 8.8 | High | 2025-07-02 |
| CVE-2025-6925 | Dromara RuoYi-Vue-Plus Mail MailController.java path traversal — RuoYi-Vue-Plus | 5.3 | Medium | 2025-06-30 |
| CVE-2025-6866 | code-projects Simple Forum forum_downloadfile.php path traversal — Simple Forum | 4.3 | Medium | 2025-06-29 |
| CVE-2025-6855 | chatchat-space Langchain-Chatchat file path traversal — Langchain-Chatchat | 5.5 | Medium | 2025-06-29 |
| CVE-2025-6854 | chatchat-space Langchain-Chatchat files path traversal — Langchain-Chatchat | 4.3 | Medium | 2025-06-29 |
| CVE-2025-6853 | chatchat-space Langchain-Chatchat Backend upload_temp_docs path traversal — Langchain-Chatchat | 6.3 | Medium | 2025-06-29 |
| CVE-2025-6755 | Game Users Share Buttons <= 1.3.0 - Authenticated (Subscriber+) Arbitrary File Deletion via themeNameId Parameter — Game Users Share Buttons | 8.8 | High | 2025-06-28 |
| CVE-2025-6379 | BeeTeam368 Extensions Pro <= 2.3.4 - Authenticated (Subscriber+) Directory Traversal to Arbitrary File Deletion — BeeTeam368 Extensions Pro | 8.8 | High | 2025-06-28 |
| CVE-2025-6776 | xiaoyunjie openvpn-cms-flask File Upload controller.py upload path traversal — openvpn-cms-flask | 7.3 | High | 2025-06-27 |
| CVE-2025-6774 | gooaclok819 sublinkX template.go AddTemp path traversal — sublinkX | 6.3 | Medium | 2025-06-27 |
| CVE-2025-6773 | HKUDS LightRAG File Upload document_routes.py upload_to_input_dir path traversal — LightRAG | 5.3 | Medium | 2025-06-27 |
| CVE-2025-6772 | eosphoros-ai db-gpt import import_flow path traversal — db-gpt | 7.3 | High | 2025-06-27 |
| CVE-2025-53298 | WordPress Plugin Inspector plugin <= 1.5 - Arbitrary File Download Vulnerability — Plugin Inspector | 4.9 | Medium | 2025-06-27 |
| CVE-2025-24765 | WordPress Image Shadow plugin <= 1.1.0 - Arbitrary File Deletion Vulnerability — Image Shadow | 7.7 | High | 2025-06-27 |
| CVE-2025-49448 | WordPress FW Food Menu plugin <= 6.0.0 - Arbitrary File Deletion Vulnerability — FW Food Menu | 8.6 | High | 2025-06-27 |
| CVE-2025-6731 | yzcheng90 X-SpringBoot APK File apk uploadApk path traversal — X-SpringBoot | 6.3 | Medium | 2025-06-26 |
| CVE-2025-34047 | Leadsec VPN Path Traversal Arbitrary File Read — Leadsec SSL VPN | 7.5 AI | High AI | 2025-06-26 |
| CVE-2025-34048 | D-Link DSL-2730U/2750U/2750E Path Traversal Arbitrary File Read — DSL-2730U | 7.5 AI | High AI | 2025-06-26 |
| CVE-2025-34045 | WeiPHP Path Traversal Arbitrary File Read — WeiPHP | 7.5 AI | High AI | 2025-06-26 |
| CVE-2025-3722 | Trellix System Information Reporter Path Traversal Vulnerability — System Information Reporter | 6.5 AI | Medium AI | 2025-06-26 |
| CVE-2025-6445 | ServiceStack FindType Directory Traversal Remote Code Execution Vulnerability — ServiceStack | 9.8 AI | Critical AI | 2025-06-25 |
| CVE-2025-49153 | Path Traversal in MICROSENS NMP Web+ — NMP Web+ | 9.8 AI | Critical AI | 2025-06-25 |
| CVE-2025-52574 | SysmonElixir path traversal in /read endpoint allows arbitrary file read — elixir-system-monitor | 7.5 | High | 2025-06-24 |
| CVE-2025-34031 | Moodle LMS Jmol Plugin Path Traversal — Jmol Plugin | 7.5 AI | High AI | 2025-06-24 |
| CVE-2025-52562 | Convey Panel Directory Traversal in LocaleController leading to Remote Code Execution — panel | 10.0 | Critical | 2025-06-23 |
| CVE-2025-6453 | diyhi bbs API ForumManageAction.java add path traversal — bbs | 6.3 | Medium | 2025-06-22 |
| CVE-2025-6218 | RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability — WinRAR | 8.8 AI | High AI | 2025-06-21 |
| CVE-2025-34023 | Karel IP Phone IP1211 Path Traversal — Karel IP Phone IP1211 | 6.5 AI | Medium AI | 2025-06-20 |
| CVE-2025-34022 | Selea Targa IP OCR-ANPR Camera Path Traversal — Targa IP OCR-ANPR Camera | 7.5 AI | High AI | 2025-06-20 |
| CVE-2025-6283 | xataio Xata Agent route.ts GET path traversal — Xata Agent | 3.5 | Low | 2025-06-19 |

Vulnerabilities classified as CWE-22 (Improper Limitation of a Pathname (Path Traversal)) represent 3353 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.