CWE-22 (Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)) — Vulnerability Class 3353

3353 vulnerabilities classified as CWE-22 (Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-6282 | xlang-ai OpenAgents file.py create_upload_file path traversal — OpenAgents | 5.5 | Medium | 2025-06-19 |
| CVE-2025-6281 | OpenBMB XAgent community path traversal — XAgent | 5.5 | Medium | 2025-06-19 |
| CVE-2025-6280 | TransformerOptimus SuperAGI EmailToolKit read_email.py download_attachment path traversal — SuperAGI | 5.5 | Medium | 2025-06-19 |
| CVE-2025-6278 | Upsonic server.py os.path.join path traversal — Upsonic | 5.5 | Medium | 2025-06-19 |
| CVE-2025-4661 | Path transversal vulnerability potentially leading to sensitive information disclosure — Fabric OS | 4.4 AI | Medium AI | 2025-06-19 |
| CVE-2025-50202 | Lychee Path Traversal Vulnerability — Lychee | 7.5 | High | 2025-06-18 |
| CVE-2025-49879 | WordPress Litho theme <= 3.0 - Arbitrary File Deletion Vulnerability — Litho | 8.6 | High | 2025-06-17 |
| CVE-2025-49415 | WordPress FW Gallery plugin <= 8.0.0 - Arbitrary File Deletion Vulnerability — FW Gallery | 8.6 | High | 2025-06-17 |
| CVE-2025-34508 | ZendTo < 6.15-8 Path Traversal — ZendTo | 6.3 | Medium | 2025-06-17 |
| CVE-2025-6020 | Linux-pam: linux-pam directory traversal | 7.8 | High | 2025-06-17 |
| CVE-2025-6167 | themanojdesai python-a2a api.py create_workflow path traversal — python-a2a | 5.5 | Medium | 2025-06-17 |
| CVE-2025-6166 | frdel Agent-Zero image_get.py image_get path traversal — Agent-Zero | 3.5 | Low | 2025-06-17 |
| CVE-2025-6152 | Steel Browser files.routes.ts handleFileUpload path traversal — Browser | 6.3 | Medium | 2025-06-17 |
| CVE-2025-32799 | Conda-build Vulnerable to Path Traversal via Malicious Tar File — conda-build | 9.8 AI | Critical AI | 2025-06-16 |
| CVE-2025-3594 | Liferay Portal and Liferay DXP path traversal vulnerability — Portal | 9.8 AI | Critical AI | 2025-06-16 |
| CVE-2025-4748 | Absolute path traversal in zip:unzip/1,2 — OTP | 9.1 AI | Critical AI | 2025-06-16 |
| CVE-2025-6109 | javahongxi whatsmars InitializrController.java initialize path traversal — whatsmars | 4.3 | Medium | 2025-06-16 |
| CVE-2025-6108 | hansonwang99 Spring-Boot-In-Action File Upload ImageUploadService.java watermarkTest path traversal — Spring-Boot-In-Action | 6.3 | Medium | 2025-06-16 |
| CVE-2025-5964 | Path traversal in M-Files API — M-Files Server | 6.5 AI | Medium AI | 2025-06-15 |
| CVE-2025-6070 | Restrict File Access <= 1.1.2 - Authenticated (Subscriber+) Arbitrary File Read — Restrict File Access | 6.5 | Medium | 2025-06-14 |
| CVE-2025-4187 | UserPro - Community and User Profile WordPress Plugin <= 5.1.10 - Unauthenticated Arbitrary File Read — UserPro - Community and User Profile WordPress Plugin | 5.9 | Medium | 2025-06-14 |
| CVE-2025-6065 | Image Resizer On The Fly <= 1.1 - Unauthenticated Arbitrary File Deletion — Image Resizer On The Fly | 9.1 | Critical | 2025-06-14 |
| CVE-2025-46783 | RICOH Streamline NX V3 PC Client path traversal vulnerability — RICOH Streamline NX V3 PC Client | 7.8 AI | High AI | 2025-06-13 |
| CVE-2025-40592 | Mendix Studio Pro path traversal vulnerability — Mendix Studio Pro 10 | 6.1 | Medium | 2025-06-12 |
| CVE-2025-5741 | Schneider Electric EVLink WallBox path traversal vulnerability — EVLink WallBox | 4.9 | Medium | 2025-06-10 |
| CVE-2025-5740 | Schneider Electric EVLink WallBox path traversal vulnerability — EVLink WallBox | 7.2 | High | 2025-06-10 |
| CVE-2025-42977 | Directory Traversal vulnerability in SAP NetWeaver Visual Composer — SAP NetWeaver Visual Composer | 7.6 | High | 2025-06-10 |
| CVE-2025-49138 | HAX CMS vulnerable to Local File Inclusion via saveOutline API Location Parameter — issues | 6.5 | Medium | 2025-06-09 |
| CVE-2025-31050 | WordPress Apptha Slider Gallery plugin <= 2.5 - Arbitrary File Read vulnerability — Apptha Slider Gallery | 7.5 | High | 2025-06-09 |
| CVE-2025-31635 | WordPress CLEVER plugin <= 2.6 - Arbitrary File Download Vulnerability — CLEVER | 7.5 | High | 2025-06-09 |

Vulnerabilities classified as CWE-22 (Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)) represent 3353 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.