Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,144 vulnerabilities with CWE-22

CVE-2024-47170 MEDIUM

agnai < 1.0.330 - Path Traversal via JSON Storage

CVE-2024-46327 MEDIUM

VONETS VAP11G-300 v3.3.23.6.9 - Path Traversal via Http_handle Object

CVE-2024-8704 HIGH

Advanced File Manager <5.2.8 - Authenticated RCE

CVE-2024-44825 HIGH

InVesalius3 <3.1.99995 - Path Traversal

CVE-2024-8941 HIGH

Scriptcase 9.4.019 - Unauthenticated Path Traversal via nm_edit_php_edit.php subpage Parameter

CVE-2024-8291 MEDIUM

Concrete CMS <9.3.3 & <8.5.19 - Stored XSS

CVE-2024-8671 CRITICAL

WooEvents - Calendar and Event Booking <4.1.2 - Path Traversal

CVE-2024-43996 MEDIUM

ElementsKit Pro < 3.6.0 - PHP Local File Inclusion via Path Traversal

CVE-2024-6786 MEDIUM

Moxa MXview One < 1.4.1 - Path Traversal via MQTT Message

CVE-2024-46649 HIGH

eNMS < 4.7.1 - Path Traversal via Download Folder

CVE-2024-46648 HIGH

eNMS 4.4.0-4.7.1 - Path Traversal via scan_folder

CVE-2024-46647 MEDIUM

eNMS 4.4.0-4.7.1 - Path Traversal via upload_files

CVE-2024-46646 MEDIUM

eNMS < 4.7.1 - Path Traversal via /download/file

CVE-2024-46645 HIGH

eNMS 4.0.0 - Path Traversal via get_tree_files

CVE-2024-46644 MEDIUM

eNMS 4.4.0-4.7.1 - Path Traversal via edit_file

CVE-2024-9032 MEDIUM

Simple Forum-Discussion System 1.0 - Path Traversal via Page Parameter

CVE-2024-33109 CRITICAL

Tiptel IP 286 Firmware < 2.61.13.10 - Path Traversal and Arbitrary File Write via Ringtone Upload

CVE-2024-8963 CRITICAL KEV

Ivanti Endpoint Manager Cloud Services Appliance - Unauthenticated Path Traversal

CVE-2024-46376 CRITICAL

Best House Rental Management System 1.0 - Arbitrary File Upload in update_account() Function

CVE-2024-46375 CRITICAL

Best House Rental Management System 1.0 - Arbitrary File Upload in Signup Function

CVE-2024-46987 HIGH

Camaleon CMS 2.8.0-2.8.1 - Authenticated Path Traversal via MediaController Download

CVE-2024-46986 CRITICAL

Camaleon CMS < 2.8.2 - Authenticated Arbitrary File Write via MediaController Upload

CVE-2024-45601 HIGH

Mesop >=0.9.0 <0.12.4 - Unauthorized File Access via Insufficient Input Validation

CVE-2024-45816 MEDIUM

Backstage < 1.10.13 - Path Traversal in TechDocs Storage Provider

CVE-2024-45604 MEDIUM

Contao < 4.13.49 - Authenticated Path Traversal in File Selector Widget

Previous Page 100 of 366 Next

Details

Vulnerabilities 9,144

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy