Medium severity6.2NVD Advisory· Published Dec 29, 2025· Updated Apr 15, 2026

CVE-2025-15066

Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Missing Authorization vulnerability in Innorix WP allows Path Traversal.This issue affects Innorix WP from All versions If the "exam" directory exists under the directory where the product is installed (ex: innorix/exam)

Affected products

Innosa/Innorix WPllm-fuzzy
Range: all

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.gnit.co.kr/software/innorix_product.htmlnvd
www.innorix.comnvd

News mentions

No linked articles in our index yet.

cvss	0.403
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000