Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,205 vulnerabilities with CWE-22

CVE-2023-6407 MEDIUM

Schneider Electric Easy UPS Online Monitoring Software <= 2.6-ga-01-23248 - Path Traversal

CVE-2023-43586 HIGH

Zoom Desktop Client for Windows - Privilege Escalation

CVE-2023-47624 HIGH

audiobookshelf < 2.4.3 - Path Traversal via HLS Endpoint

CVE-2023-44251 HIGH

FortiWAN 5.1.1-5.1.2 and 5.2.0-5.2.1 - Authenticated Path Traversal and Arbitrary File Deletion

CVE-2023-6753 HIGH

MLflow < 2.9.2 - Path Traversal

CVE-2023-49089 HIGH

Umbraco <8.18.10-12.3.0 - Path Traversal

CVE-2023-28465 HIGH

HL7 FHIR Core Libraries <5.6.106 - Path Traversal

CVE-2023-46455 HIGH

GL.iNET GL-AR300M <4.3.7 - Path Traversal

CVE-2023-45316 HIGH

Mattermost < 7.8.14 - Cross-Site Request Forgery via Telemetry Run ID Path Traversal

CVE-2023-49058 LOW

SAP Master Data Governance File Upload - Path Traversal

CVE-2023-36654 MEDIUM

ProLion CryptoSpike 3.0.15P2 - Path Traversal

CVE-2023-50449 HIGH

JFinalCMS 5.0.0 - Path Traversal via File Download fileKey Parameter

CVE-2023-6120 MEDIUM

Welcart e-Commerce <2.9.6 - Path Traversal

CVE-2023-49788 HIGH

Collaboraoffice Richdocumentscode < 23.5.602 - Path Traversal

CVE-2023-46497 MEDIUM

EverShop <1.0.0-rc.8 - Path Traversal

CVE-2023-46496 HIGH

EverShop <1.0.0-rc.8 - Path Traversal

CVE-2023-46493 MEDIUM

EverShop <1.0.0-rc.8 - Path Traversal

CVE-2023-6577 MEDIUM

Byzoro PatrolFlow <20231126 - Path Traversal

CVE-2023-47440 MEDIUM

Gladys Assistant < 4.30.0 - Authenticated Path Traversal

CVE-2023-33411 HIGH

Supermicro IPMI <3.17.02 - Path Traversal

CVE-2023-46307 HIGH

etcd-browser <87ae63d75260 - Path Traversal

CVE-2023-6458 HIGH

Mattermost < 7.8.14, 8.1.5, 9.1.2 - Client-Side Path Traversal via Route Parameters

CVE-2023-5105 MEDIUM

WordPress Plugin <22.6 - Auth Bypass

CVE-2023-44306 MEDIUM

Dell DM5500 Firmware < 5.14.0.0 - Path Traversal and Arbitrary File Write

CVE-2023-49108 HIGH

RakRak Document Plus <6.4.0.7 - Path Traversal

Previous Page 136 of 369 Next

Details

Vulnerabilities 9,205

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy