Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,214 vulnerabilities with CWE-22

CVE-2023-3241 LOW

otcms < 6.62 - Path Traversal via /admin/read.php url Parameter

CVE-2023-2278 CRITICAL

WP Directory Kit <1.1.9 - Local File Inclusion

CVE-2023-34342 MEDIUM

AMI MegaRAC SP-X 12.0-12.7 - Path Traversal and Arbitrary File Upload/Download via IPMI Handler

CVE-2023-34345 MEDIUM

AMI MegaRAC SP-X 12.0-12.7 - Authenticated Path Traversal via SPX REST API

CVE-2023-30198 HIGH

winbizpayment <= 1.0.2 - Path Traversal via download.php

CVE-2023-2688 MEDIUM

WordPress File Upload <4.19.1 - Path Traversal

CVE-2023-3172 HIGH

froxlor/froxlor <2.0.20 - Path Traversal

CVE-2023-34096 MEDIUM

Thruk < 3.06.2 - Path Traversal via Panorama Location Parameter

CVE-2023-34238 MEDIUM

Gatsby < 4.25.7 - Local File Inclusion via __file-code-frame and __original-stack-frame Paths

CVE-2023-29502 MEDIUM

Vuforia Studio < 9.9 - Path Traversal via appConfig.json resourceDirectory Attribute

CVE-2023-1864 MEDIUM

FANUC ROBOGUIDE-HandlingPRO <9 Rev.ZD - Path Traversal

CVE-2023-33510 HIGH

Jeecg P3 Biz Chat <1.0.5 - Info Disclosure

CVE-2023-34409 CRITICAL

Percona Monitoring and Management 2.x < 2.37.1 - Unauthenticated Path Traversal via API Route Bypass

CVE-2023-33747 HIGH

CloudPanel 2.0.0-2.2.2 - Path Traversal

CVE-2023-33524 MEDIUM

Advent/SSC Inc. Tamale RMS < 23.1 - Path Traversal

CVE-2023-33690 MEDIUM

sonicjs < 0.7.0 - Authenticated Path Traversal via Backup CMS Filename Injection

CVE-2023-3098 MEDIUM

KylinSoft youker-assistant <3.0.2-0kylin6k70-23 - Path Traversal

CVE-2023-34407 HIGH

Harbinger Offline Player 4.0.6.0.2 - Path Traversal via URL

CVE-2023-28163 MEDIUM

Firefox < 111.0 and Firefox ESR < 102.9 - Path Traversal via Save As Dialog

CVE-2023-25750 MEDIUM

Firefox < 111.0 - Path Traversal via ServiceWorker Offline Cache

CVE-2023-3031 MEDIUM

King-Avis <17.3.15 - Path Traversal

CVE-2023-29736 CRITICAL

keyboard_themes 1.275.1.164 - Path Traversal and Arbitrary File Write

CVE-2023-27640 HIGH

tshirtecommerce Custom Product Designer < 2.1.4 - Path Traversal via Fonts Endpoint

CVE-2023-27639 HIGH

Custom Product Designer < 2.1.4 - Path Traversal via file_name Parameter in SVG Endpoint

CVE-2023-32714 HIGH

Splunk App for Lookup File Editing < 4.0.1 - Path Traversal and Arbitrary File Write

Previous Page 150 of 369 Next

Details

Vulnerabilities 9,214

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy