Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,205 vulnerabilities with CWE-22

CVE-2023-38879 HIGH

openSIS Classic <9.0 - Path Traversal

CVE-2023-48185 HIGH

TerraMaster 1.0-2.295 - Path Traversal via Crafted GET Request

CVE-2023-22273 HIGH

Adobe RoboHelp Server <11.4 - Path Traversal

CVE-2023-47283 MEDIUM

CubeCart < 6.5.3 - Authenticated Path Traversal

CVE-2023-42428 MEDIUM

CubeCart < 6.5.3 - Authenticated Path Traversal and Arbitrary File Deletion

CVE-2023-45382 HIGH

SoNice Retour < 2.1.0 - Unauthenticated Path Traversal and Arbitrary File Read

CVE-2023-6021 HIGH

Ray <2.8.1 - Unauthenticated Local File Inclusion via Log API

CVE-2023-6023 HIGH

ModelDB - Unauthenticated Path Traversal via Artifact Path Parameter

CVE-2023-6015 HIGH

MLflow < 2.8.1 - Unauthenticated Arbitrary File Write via PUT Request

CVE-2023-5245 HIGH

MLeap < 0.23.1 - Path Traversal and Remote Code Execution via FileUtil.extract()

CVE-2023-34062 HIGH

Reactor Netty HTTP Server <1.1.13-1.0.39 - Path Traversal

CVE-2023-6032 MEDIUM

Network Management Card - Path Traversal

CVE-2023-5189 MEDIUM

Ansible Automation Platform - Path Traversal via Malicious Tarball Extraction

CVE-2023-33878 MEDIUM

Intel(R) NUC P14E Laptop Element Audio Install Package <156 - Privi...

CVE-2023-32655 MEDIUM

Intel(R) NUC Kits & Mini PCs - Privilege Escalation

CVE-2023-32278 MEDIUM

Intel(R) NUC Uniwill Service Driver <1.0.1.7 - Privilege Escalation

CVE-2023-24592 HIGH

Intel(R) oneAPI Toolkits and Component <2023.1 - Privilege Escalation

CVE-2023-45880 HIGH

GibbonEdu Gibbon <25.0.0 - Path Traversal

CVE-2023-47246 CRITICAL KEV

SysAid < 23.3.36 - Path Traversal and Remote Code Execution via Tomcat Webroot File Write

CVE-2023-45283 HIGH

GO < 1.20.11 - Path Traversal

CVE-2023-40055 HIGH

SolarWinds Network Configuration Manager < 2023.4 - Directory Traversal Remote Code Execution

CVE-2023-40054 HIGH

SolarWinds Network Configuration Manager < 2023.4 - Directory Traversal Remote Code Execution

CVE-2023-47613 MEDIUM

Telit Cinterion BGS5 EHS5/6/8 PDS5/6/8 ELS61/81 PLS62 - Path Traversal

CVE-2023-36667 HIGH

Couchbase Server <7.1.5, <7.2.1 - Path Traversal

CVE-2023-46253 CRITICAL

Squidex - Authenticated Remote Code Execution via Backup Restore File Write

Previous Page 138 of 369 Next

Details

Vulnerabilities 9,205

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy