Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,158 vulnerabilities with CWE-22

CVE-2024-37932 HIGH

Woocommerce OpenPos <6.4.4 - Path Traversal

CVE-2024-37928 HIGH

NooTheme Jobmonster <4.7.0 - Path Traversal

CVE-2024-2602 HIGH

Schneider Electric FoxRTU Station <= 9.3.0 - Path Traversal

CVE-2024-39330 MEDIUM

Django 4.2-4.2.13 and 5.0-5.0.6 - Path Traversal via Custom Storage Class generate_filename() Override

CVE-2024-22377 MEDIUM

PingFederate 10.3.0-10.3.12 - Unauthenticated Path Traversal in Deploy Directory

CVE-2024-39171 CRITICAL

phpvibe 11.0.3-11.0.46 - Path Traversal and Remote Code Execution via .htaccess and PNG File Upload

CVE-2024-37513 HIGH

Themewinter WPCafe <= 2.2.27 - Path Traversal

CVE-2024-37501 HIGH

PluginsWare Advanced Classifieds & Directory Pro <3.1.3 - Path Trav...

CVE-2024-37499 MEDIUM

vCita Online Booking & Scheduling Calendar for WordPress < 4.4.2 - Path Traversal

CVE-2024-37497 HIGH

Crocoblock JetThemeCore <2.2.1 - Path Traversal

CVE-2024-37464 MEDIUM

WPZOOM Beaver Builder Addons by WPZOOM <= 1.3.5 - Path Traversal

CVE-2024-37462 HIGH

Ultimate Bootstrap Elements for Elementor <= 1.4.2 - Path Traversal

CVE-2024-37454 MEDIUM

AWSM Team < 1.3.1 - Path Traversal

CVE-2024-37437 MEDIUM

Elementor Website Builder <= 3.22.1 - Arbitrary File Download via Path Traversal

CVE-2024-37419 HIGH

Codeless Cowidgets - Elementor Addons < 1.1.1 - Path Traversal

CVE-2024-37268 HIGH

kaptinlin Striking <= 2.3.4 - Path Traversal

CVE-2024-37266 MEDIUM

Themeum Tutor LMS <= 2.7.1 - Path Traversal

CVE-2024-37224 HIGH

SP Project & Document Manager < 4.71 - Path Traversal

CVE-2024-5456 HIGH

Panda Video <1.4.0 - Local File Inclusion

CVE-2024-37547 MEDIUM

Livemesh Addons for Elementor < 8.4.0 - Path Traversal

CVE-2024-39178 MEDIUM

MyPower vc8100 V100R001C00B030 - Path Traversal via tcpdump.php menu_uuid Parameter

CVE-2024-39937 HIGH

supOS 5.0 - Path Traversal via Image Download API

CVE-2024-2385 HIGH

Elementor Addons by Livemesh <8.3.7 - Code Injection

CVE-2024-33870 MEDIUM

Artifex Ghostscript < 10.03.1 - Path Traversal via PostScript Document

CVE-2024-33869 MEDIUM

Ghostscript < 10.03.1 - Path Traversal and Command Execution via Crafted PostScript Document

Previous Page 109 of 367 Next

Details

Vulnerabilities 9,158

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy