Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,220 vulnerabilities with CWE-22

CVE-2023-27562 MEDIUM

n8n < 0.216.1 - Path Traversal

CVE-2023-26126 HIGH

m.static < 2.2.0 - Path Traversal via requestFile Function

CVE-2023-28127 HIGH

Ivanti Avalanche < 6.3.4.153 - Path Traversal and Information Disclosure via getLogFile

CVE-2023-20098 MEDIUM

Cisco SDWAN vManage Software - Path Traversal

CVE-2023-29128 LOW

SIMATIC Cloud Connect 7 - Path Traversal

CVE-2023-29104 MEDIUM

SIMATIC Cloud Connect 7 - Path Traversal

CVE-2023-27409 LOW

SCALANCE LPE9403 < 2.1 - Authenticated Path Traversal via Deviceinfo Binary Mac Parameter

CVE-2023-31181 HIGH

WJJ Software - InnoKB Server, InnoKB/Console <2.2.1 - Path Traversal

CVE-2023-31179 MEDIUM

AgilePoint NX <8.0 SU2.2-2.3 - Path Traversal

CVE-2023-30855 MEDIUM

pimcore < 10.5.18 - Path Traversal and Arbitrary File Write

CVE-2023-32235 HIGH

Ghost < 5.42.1 - Path Traversal via /assets/built%2F..%2F..%2F/

CVE-2023-25289 HIGH

virtualreception Digital Receptie win7sp1_rtm.101119-1850 6.1.7601.1.0.65792 - Path Traversal via Crafted GET Request

CVE-2023-30268 CRITICAL

cltphp <=6.0 - Path Traversal

CVE-2023-27993 MEDIUM

FortiADC 7.2.0 and before 7.1.1 - Authenticated Path Traversal via CLI Commands

CVE-2023-28406 MEDIUM

BIG-IP 13.1.0-13.1.5 - Authenticated Path Traversal in Configuration Utility

CVE-2023-31483 HIGH

Cauldron cbang <bastet-v8.1.17 - Path Traversal

CVE-2023-30380 HIGH

dedecms v5.7.107 - Path Traversal via /dialog/select_media.php

CVE-2023-30852 MEDIUM

pimcore < 10.5.21 - Authenticated Path Traversal and Arbitrary File Read via Script Proxy Endpoint

CVE-2023-2336 MEDIUM

pimcore < 10.5.21 - Path Traversal

CVE-2023-24836 HIGH

SUNNET CTMS - Authenticated Path Traversal and Arbitrary File Write via File Upload Function

CVE-2023-22901 MEDIUM

ChangingTec mobile_one_time_password < 3.11 - Authenticated Path Traversal

CVE-2023-26243 HIGH

Hyundai Gen5W_L Infotainment Firmware AE_E_PE_EUR.S5W_L001.001.211214 - Info Leak & Arbitrary Firmware Install

CVE-2023-30265 MEDIUM

cltphp < 6.0 - Path Traversal

CVE-2023-2273 MEDIUM

Rapid7 Insight Agent < 3.3.0 - Path Traversal and Arbitrary File Write via CLI Argument

CVE-2023-25815 LOW

Git for Windows < 2.40.1 - Path Traversal via Fake Localized Messages

Previous Page 153 of 369 Next

Details

Vulnerabilities 9,220

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy