Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,161 vulnerabilities with CWE-22

CVE-2024-23772 MEDIUM

Quest KACE Agent for Windows <13.1.23.0 - File Create

CVE-2024-33350 CRITICAL

TaoCMS 3.0.2 - Path Traversal and Arbitrary File Write via file.php Component

CVE-2024-31801 HIGH

NEXSYS-ONE < Rev.15320 - Path Traversal

CVE-2024-3195 MEDIUM

MailCleaner <2023.03.14 - Path Traversal

CVE-2024-4297 MEDIUM

HGiga iSherlock 4.5-4.5-147 - Authenticated Path Traversal via System Configuration Interface

CVE-2024-4296 MEDIUM

HGiga iSherlock 4.5-4.5-149 - Authenticated Path Traversal via Account Management Interface

CVE-2024-3034 LOW

BackUpWordPress <3.13 - Path Traversal

CVE-2024-2434 HIGH

GitLab CE/EE <16.9.6-16.11.1 - Path Traversal

CVE-2024-28977 LOW

Dell Repository Manager 3.4.2-3.4.4 - Path Traversal in Logger Module

CVE-2024-28976 HIGH

Dell Repository Manager < 3.4.5 - Path Traversal in API Module

CVE-2024-32869 MEDIUM

Hono < 4.2.7 - Path Traversal via serveStatic in Deno

CVE-2024-32258 HIGH

fceux 2.7.0 - Unauthenticated Path Traversal and Arbitrary File Write via Fake ROM

CVE-2024-32399 HIGH

RaidenMAILD Mail Server <4.9.4 - Path Traversal

CVE-2024-31450 LOW

owncast < 0.1.3 - Authenticated Path Traversal via Emoji Delete Endpoint

CVE-2024-31552 HIGH

CuteHttpFileServer <3.1 - Info Disclosure

CVE-2024-31587 MEDIUM

SecuSTATION Camera <V2.5.5.3116-S50-SMA-B20160811A - Info Disclosure

CVE-2024-27984 HIGH

Ivanti Avalanche < 6.4.3 - Authenticated Path Traversal and Denial of Service

CVE-2024-27977 HIGH

Ivanti Avalanche < 6.4.3 - Authenticated Path Traversal and Arbitrary File Deletion

CVE-2024-27976 HIGH

Ivanti Avalanche < 6.4.3 - Authenticated Path Traversal and Remote Code Execution

CVE-2024-25000 HIGH

Ivanti Avalanche <6.4.3 - Path Traversal

CVE-2024-24999 HIGH

Ivanti Avalanche <6.4.3 - Path Traversal

CVE-2024-24997 HIGH

Ivanti Avalanche <6.4.3 - Path Traversal

CVE-2024-24994 HIGH

Ivanti Avalanche <6.4.3 - Path Traversal

CVE-2024-24992 HIGH

Ivanti Avalanche <6.4.3 - Path Traversal

CVE-2024-23535 HIGH

Ivanti Avalanche < 6.4.3 - Authenticated Path Traversal and Remote Code Execution

Previous Page 117 of 367 Next

Details

Vulnerabilities 9,161

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy