Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,161 vulnerabilities with CWE-22

CVE-2023-41825 LOW

Motorola Ready For - Path Traversal

CVE-2023-51603 HIGH

Honeywell Saia PG5 Controls Suite - Path Traversal

CVE-2023-51599 HIGH

Honeywell Saia PG5 Controls Suite - RCE

CVE-2023-50233 HIGH

Inductive Automation Ignition 8.1.0-8.1.33 - Remote Code Execution via getJavaExecutable Path Traversal

CVE-2023-44451 HIGH

Linux Mint Xreader - Remote Code Execution via EPUB File Parsing Path Traversal

CVE-2023-42130 HIGH

A10networks Advanced Core Operating System < 5.2.1 - Path Traversal

CVE-2023-42129 MEDIUM

A10networks Advanced Core Operating System < 5.2.1 - Path Traversal

CVE-2023-42033 HIGH

Visualware MyConnection Server - Remote Code Execution via doPostUploadfiles Path Traversal

CVE-2023-41182 HIGH

NETGEAR ProSAFE Network Management System - RCE

CVE-2023-41181 MEDIUM

LG SuperSign Media Editor - Info Disclosure

CVE-2023-40517 HIGH

LG SuperSign Media Editor - Info Disclosure

CVE-2023-40514 MEDIUM

LG Simple Editor - Authenticated Directory Traversal in FileManagerController getImageByFilename

CVE-2023-40513 MEDIUM

LG Simple Editor - Authenticated Path Traversal and Information Disclosure via UserManageController getImageByFilename

CVE-2023-40512 MEDIUM

LG Simple Editor - Authenticated Directory Traversal in PlayerController getImageByFilename

CVE-2023-40509 CRITICAL

LG Simple Editor - Unauthenticated Path Traversal and Arbitrary File Deletion via deleteCanvas Method

CVE-2023-40508 CRITICAL

LG Simple Editor - Unauthenticated Path Traversal and Arbitrary File Deletion via putCanvasDB Method

CVE-2023-40502 CRITICAL

LG Simple Editor - Unauthenticated Path Traversal and Arbitrary File Deletion via cropImage Command

CVE-2023-40499 CRITICAL

LG Simple Editor - Unauthenticated Path Traversal and Arbitrary File Deletion via mkdir Command

CVE-2023-40498 CRITICAL

LG Simple Editor - Unauthenticated Remote Code Execution via Path Traversal in cp Command

CVE-2023-40497 CRITICAL

LG Simple Editor - Unauthenticated Path Traversal and Remote Code Execution via saveXml Command

CVE-2023-40496 HIGH

LG Simple Editor - Unauthenticated Path Traversal and Information Disclosure via copyStickerContent Command

CVE-2023-40495 HIGH

LG Simple Editor - Unauthenticated Path Traversal and Information Disclosure via copyTemplateAll Method

CVE-2023-40494 CRITICAL

LG Simple Editor - Unauthenticated Arbitrary File Deletion via deleteFolder Path Traversal

CVE-2023-40493 CRITICAL

LG Simple Editor - Unauthenticated Path Traversal and Remote Code Execution via copySessionFolder Command

CVE-2023-40492 CRITICAL

LG Simple Editor - Unauthenticated Path Traversal and Arbitrary File Deletion via deleteCheckSession

Previous Page 128 of 367 Next

Details

Vulnerabilities 9,161

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy