Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,220 vulnerabilities with CWE-22

CVE-2022-50950 MEDIUM

Webile 1.0.1 - Unauthenticated Path Traversal

CVE-2022-50939 HIGH

e107 CMS 3.2.1 - Authenticated Path Traversal and Arbitrary File Write via Media Manager Upload Caption

CVE-2022-50932 HIGH

Kyocera Command Center RX ECOSYS M2035dn - Path Traversal

CVE-2022-50890 HIGH

Owlfiles File Manager 12.0.1 - Path Traversal

CVE-2022-50796 CRITICAL

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x - RCE

CVE-2022-50792 HIGH

SOUND4 IMPACT/FIRST/PULSE/Eco <2 - Info Disclosure

CVE-2022-4982 HIGH

DBLTek GoIP-1 <GHSFVT-1.1-67-5 - Local File Inclusion

CVE-2022-25773 MEDIUM

Mautic < 5.2.3 - Path Traversal via Asset Upload Functionality

CVE-2022-45374 HIGH

YARPP < 5.30.4 - PHP Local File Inclusion via Path Traversal

CVE-2022-45368 HIGH

Lenderd 1003 Mortgage Application - Path Traversal

CVE-2022-0369 HIGH

Triangle MicroWorks SCADA Data Gateway - Remote Code Execution

CVE-2022-45852 MEDIUM

WP-FormAssembly <2.0.5 - Path Traversal

CVE-2022-25377 HIGH

Appwrite 0.5.0-0.12.1 - Unauthenticated Path Traversal via ACME Challenge Endpoint

CVE-2022-45792 HIGH

Omron SYSMAC Studio < 1.54.0 - Path Traversal and Arbitrary File Write via Project File

CVE-2022-41761 MEDIUM

NOKIA NFM-T R19.9 - Authenticated Path Traversal via viewlog.pl logfile Parameter

CVE-2022-41760 MEDIUM

NOKIA NFM-T R19.9 - Authenticated Path Traversal via filename Parameter

CVE-2022-41951 HIGH

OroPlatform < 5.0.9 - Path Traversal via FileManager::getTemporaryFileName

CVE-2022-27229 MEDIUM

Intel(R) NUC Kits <1.79.1.1 - Privilege Escalation

CVE-2022-38485 MEDIUM

AgeVolt Portal <0.1 - Info Disclosure

CVE-2022-38484 HIGH

AgeVolt Portal <0.1 - Path Traversal

CVE-2022-33165 MEDIUM

IBM Security Directory Server 6.4.0 - Path Traversal

CVE-2022-35908 HIGH

Cambium Enterprise Wi-Fi System Software <6.4.2 - Info Disclosure

CVE-2022-4244 HIGH

plexus-utils < 3.0.24 - Path Traversal via Dot-Dot-Slash Sequences

CVE-2022-45447 MEDIUM

Prestashop m4_pdf < 3.2.3 - Path Traversal via 'f' Parameter in /m4pdf/pdf.php

CVE-2022-28357 CRITICAL

NATS nats-server <2.7.4 - Path Traversal

Previous Page 159 of 369 Next

Details

Vulnerabilities 9,220

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy