Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,158 vulnerabilities with CWE-22

CVE-2024-37231 HIGH

Salon Booking System < 9.9 - Path Traversal and Arbitrary File Deletion

CVE-2024-37092 HIGH

Consulting Elementor Widgets <= 1.3.0 - PHP Local File Inclusion via Path Traversal

CVE-2024-37089 CRITICAL

Consulting Elementor Widgets <= 1.3.0 - Unauthenticated Local File Inclusion via Path Traversal

CVE-2024-21518 HIGH

OpenCart >= 4.0.0.0 - Path Traversal via Marketplace Installer Zip Slip

CVE-2024-35781 MEDIUM

Word Balloon < 4.21.1 - PHP Local File Inclusion via Path Traversal

CVE-2024-35778 MEDIUM

Slideshow SE < 2.5.17 - Path Traversal

CVE-2024-4098 CRITICAL

Shariff Wrapper <= 4.6.13 - Unauthenticated Local File Inclusion via shariff3uu_fetch_sharecounts

CVE-2024-5182 CRITICAL

mudler/localai <2.14.0 - Path Traversal

CVE-2024-38358 LOW

Wasmer < 4.3.2 - Path Traversal and Denial of Service via Symlink Handling

CVE-2024-36117 HIGH

Reposilite <3.5.10 - Path Traversal

CVE-2024-36116 HIGH

Reposilite 3.3.0-3.5.11 - Path Traversal and Arbitrary File Write via Javadoc Archive Extraction

CVE-2024-37902 CRITICAL

Ai.djl API < 0.28.0 - Path Traversal

CVE-2024-38449 HIGH

KasmVNC <1.3.1.230e50f7b89663316c70de7b0e3db6f6b9340489 - Path Trav...

CVE-2024-36527 MEDIUM

Puppeteer-Renderer <3.2.0 - Path Traversal

CVE-2024-6044 MEDIUM

D-Link Wireless Router - Path Traversal

CVE-2024-24320 HIGH

CloudPanel 2.0.0-2.4.0 - Directory Traversal via Service Parameter in Load-Logfiles Function

CVE-2024-2024 HIGH

Folders Pro <3.0.2 - Code Injection

CVE-2024-2023 MEDIUM

Folders/Folders Pro <3.0-3.0.2 - Path Traversal

CVE-2024-27178 HIGH

Toshiba Tec - Remote Code Execution

CVE-2024-27177 HIGH

Toshiba Tec - Remote Code Execution

CVE-2024-27176 HIGH

Toshiba Tec - Remote Code Execution

CVE-2024-27174 CRITICAL

Toshiba e-Studio MFP Remote Command - Remote Code Execution

CVE-2024-27173 CRITICAL

Toshiba e-Studio MFP Remote Command - Remote Code Execution via Python File Overwrite

CVE-2024-27145 CRITICAL

Toshiba Tec e-Studio MFP - Path Traversal via Admin Web Interface File Upload

CVE-2024-27144 CRITICAL

Toshiba Printers - Privilege Escalation

Previous Page 111 of 367 Next

Details

Vulnerabilities 9,158

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy