Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,161 vulnerabilities with CWE-22

CVE-2024-4347 HIGH

WP Fastest Cache <1.2.6 - Path Traversal

CVE-2024-5147 CRITICAL

WPZOOM Addons for Elementor <1.1.37 - Local File Inclusion

CVE-2024-35162 MEDIUM

Download Plugins and Themes from Dashboard < 1.8.6 - Authenticated Path Traversal

CVE-2024-31394 MEDIUM

a-blog cms < 2.10.53 - Authenticated Path Traversal

CVE-2024-5040 HIGH

LAquis SCADA < 4.7.1.7 - Path Traversal

CVE-2024-4442 CRITICAL

Salon booking system plugin - Path Traversal

CVE-2024-34193 HIGH

smanga 3.2.7 - Path Traversal via File Parameter

CVE-2024-32830 HIGH

BuddyForms <= 2.8.8 - Path Traversal and Server-Side Request Forgery

CVE-2024-32680 HIGH

HUSKY - Products Filter for WooCommerce < 1.3.5.2 - Path Traversal and Code Injection via Malicious File Upload

CVE-2024-31300 HIGH

appscreo Easy Social Share Buttons <9.4 - Path Traversal

CVE-2024-31232 HIGH

Sizam Design Rehub <19.6.1 - Path Traversal

CVE-2024-31231 CRITICAL

Sizam Design Rehub <19.6.1 - Path Traversal

CVE-2024-30509 MEDIUM

Artbees SellKit <1.8.1 - Path Traversal

CVE-2024-27954 CRITICAL

WP Automatic <3.92.0 - Path Traversal

CVE-2024-24934 HIGH

Elementor Website Builder <= 3.19.0 - Path Traversal and Arbitrary File Deletion

CVE-2024-24869 HIGH

BoldGrid Total Upkeep <1.15.8 - Path Traversal

CVE-2024-4956 HIGH

Sonatype Nexus Repository <3.68.1 - Path Traversal

CVE-2024-34808 MEDIUM

JCH Optimize <4.2.0 - Path Traversal

CVE-2024-3848 HIGH

MLflow < 2.12.1 - Path Traversal via URL Fragment Bypass

CVE-2024-3403 HIGH

PrivateGPT 0.2.0-0.5.9 - Local File Inclusion via File Upload Manipulation

CVE-2024-3484 MEDIUM

OpenText iManager 3.2.6.0200 - Path Traversal

CVE-2024-3318 MEDIUM

DelimitedFileConnector - Path Traversal

CVE-2024-32465 HIGH

Git < 2.39.4 - Path Traversal via Untrusted Repository Archive

CVE-2024-32002 CRITICAL

Git <2.45.1-2.39.4 - Code Injection

CVE-2024-1630 HIGH

GE HealthCare ultrasound device - Path Traversal

Previous Page 115 of 367 Next

Details

Vulnerabilities 9,161

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy