Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,144 vulnerabilities with CWE-22

CVE-2024-8538 MEDIUM

Big File Uploads - Full Path Disclosure

CVE-2024-21904 MEDIUM

QNAP QTS and QuTS hero - Path Traversal

CVE-2024-6445 HIGH

DataFlowX Technology DataDiodeX <3.1.7 - Path Traversal

CVE-2024-45401 HIGH

stripe-cli <1.21.3 - Path Traversal

CVE-2024-45175 HIGH

za-internet C-MOR Video Surveillance 5.2401 - Info Disclosure

CVE-2024-45178 HIGH

za-internet C-MOR Video Surveillance <5.2401 - Path Traversal

CVE-2024-45074 MEDIUM

IBM webMethods Integration 10.15 - Path Traversal

CVE-2024-8410 MEDIUM

ABCD ABCD2 <2.2.0-beta-1 - Path Traversal

CVE-2024-8409 MEDIUM

ABCD ABCD2 <2.2.0-beta-1 - Path Traversal

CVE-2024-8104 HIGH

WP Extended <3.0.8 - Path Traversal

CVE-2024-34656 HIGH

Samsung Notes < 4.4.21.62 - Path Traversal

CVE-2024-34653 MEDIUM

Samsung Android My Files - Path Traversal

CVE-2024-7950 CRITICAL

WP Job Portal < 2.1.6 - Unauthenticated Local File Inclusion and Arbitrary Settings Update via checkFormRequest

CVE-2024-45443 MEDIUM

Huawei EMUI and HarmonyOS - Path Traversal in Cust Module

CVE-2024-45388 HIGH

Hoverfly < 1.10.3 - Path Traversal via Simulation API File Parameter

CVE-2024-45312 MEDIUM

Overleaf <5.0.7 (or <4.2.7) - Path Traversal

CVE-2024-43797 MEDIUM

audiobookshelf < 2.13.0 - Path Traversal via LibraryController

CVE-2024-42471 HIGH

actions/artifact <2.1.2 - Path Traversal

CVE-2024-43957 MEDIUM

Animated Number Counters < 1.9 - PHP Local File Inclusion via Path Traversal

CVE-2024-43955 CRITICAL

Themeum Droip <= 1.1.1 - Unauthenticated Path Traversal and Arbitrary File Download/Deletion

CVE-2024-8304 MEDIUM

jpress < 5.1.1 - Path Traversal via Template Module Handler

CVE-2024-45436 HIGH

Ollama < 0.1.47 - Path Traversal via ZIP Archive Extraction

CVE-2024-44761 CRITICAL

EQ Enterprise Management System <2.0.0 - Path Traversal

CVE-2024-7744 MEDIUM

WS_FTP Server < 8.8.8 - Authenticated Path Traversal via Web Transfer Module

CVE-2024-6312 MEDIUM

Funnelforms Free <3.7.3.2 - Path Traversal

Previous Page 102 of 366 Next

Details

Vulnerabilities 9,144

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy