Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,220 vulnerabilities with CWE-22

CVE-2023-22773 HIGH

ArubaOS 8.6.0.0-8.6.0.18 and 8.7.0.0-2.3.0.0-8.7.0.0-2.3.0.7 - Authenticated Path Traversal

CVE-2023-22772 MEDIUM

ArubaOS 8.6.0.0-8.6.0.18 & SD-WAN 8.7.0.0-2.3.0.7 - Path Traversal & File Deletion

CVE-2023-20943 HIGH

Android - Path Traversal in ActivityManagerService.clearApplicationUserData

CVE-2023-0511 CRITICAL

ForgeRock Java Policy Agent < 5.10.1 - Authentication Bypass via Relative Path Traversal

CVE-2023-0339 CRITICAL

ForgeRock Access Management Web Policy Agent < 5.10.1 - Authentication Bypass via Relative Path Traversal

CVE-2023-26256 HIGH

STAGIL Navigation for Jira <2.0.52 - Path Traversal

CVE-2023-26255 HIGH

STAGIL Navigation for Jira <2.0.52 - Path Traversal

CVE-2023-25265 HIGH

Docmosis Tornado <= 2.9.4 - Path Traversal

CVE-2023-26758 HIGH

Sme.UP TOKYO V6R1M220406 - File Download

CVE-2023-1045 LOW

MuYuCMS 2.2 - Path Traversal via /admin.php/accessory/filesdel.html filedelur Parameter

CVE-2023-1044 MEDIUM

MuYuCMS 2.2 - Path Traversal via /editor/index.php file_path Parameter

CVE-2023-1043 MEDIUM

MuYuCMS 2.2 - Path Traversal via dir_path Parameter in Editor

CVE-2023-1009 MEDIUM

DrayTek Vigor 2960 1.5.1.4/1.5.1.5 - Path Traversal via Web Management Interface

CVE-2023-1002 MEDIUM

MuYuCMS 2.2 - Path Traversal via file_path Parameter

CVE-2023-22973 HIGH

OpenEMR < 7.0.0 - Authenticated Local File Inclusion via formname Parameter

CVE-2023-0104 CRITICAL

Weintek EasyBuilder Pro < 6.07.02.480 - Path Traversal via Malicious Project File

CVE-2023-25579 MEDIUM

Nextcloud Server < 23.0.12, 20.0.0-20.0.14 - Path Traversal via Folder::getFullPath()

CVE-2023-23063 HIGH

Cellinx NVT v1.0.6.002b - Path Traversal via /cgi-bin/GetFileContent.cgi

CVE-2023-0947 CRITICAL

flatpress < 1.2.1 - Path Traversal

CVE-2023-26265 MEDIUM

Borg theme <1.1.19 - Path Traversal

CVE-2023-24960 HIGH

IBM InfoSphere Information Server 11.7 - Path Traversal via Dot Dot Sequences

CVE-2023-22380 MEDIUM

GitHub Enterprise Server <3.7.6 - Path Traversal

CVE-2023-23784 MEDIUM

FortiWeb 6.3.6-6.3.20 and 7.0.0-7.0.2 - Path Traversal via Crafted Web Requests

CVE-2023-23778 MEDIUM

FortiWeb 6.2.3-6.2.6, 6.3, 6.4, 7.0-7.0.1 - Authenticated Path Traversal via Crafted Web Requests

CVE-2023-0862 HIGH

Netmodule Router Software < 4.3.0.119 - Path Traversal

Previous Page 157 of 369 Next

Details

Vulnerabilities 9,220

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy