Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,220 vulnerabilities with CWE-22

CVE-2022-33164 HIGH

IBM Security Directory Server 7.2.0 - Path Traversal

CVE-2022-26838 MEDIUM

Cybozu Remote Service <3.1.2 - Path Traversal

CVE-2022-42182 MEDIUM

Precisely Spectrum Spatial Analyst 20.01 - Path Traversal

CVE-2022-31457 HIGH

rtx_trap v1.0 - Path Traversal via /data/ Endpoint

CVE-2022-46902 HIGH

Vocera Report Server & Voice Server <5.8 - Path Traversal

CVE-2022-46900 MEDIUM

Vocera Report Server & Voice Server <5.8 - Path Traversal

CVE-2022-46898 CRITICAL

Vocera Report Server & Voice Server <5.8 - Path Traversal

CVE-2022-23447 HIGH

Fortinet Fortiextender Firmware < 3.2.4 - Path Traversal

CVE-2022-42474 MEDIUM

Fortinet Fortiproxy < 1.0.7 - Path Traversal

CVE-2022-47526 CRITICAL

Fox-IT DataDiode 3.4.3 - Path Traversal and Arbitrary File Write

CVE-2022-36243 MEDIUM

Shop Beat Media Player <3.2.57 - Path Traversal

CVE-2022-24632 MEDIUM

AudioCodes Device Manager Express <7.8.20002.47752 - Path Traversal

CVE-2022-24629 CRITICAL

AudioCodes Device Manager Express <7.8.20002.47752 - RCE

CVE-2022-46945 CRITICAL

NagVis < 1.9.34 - Arbitrary File Read via Hover URL Component

CVE-2022-36328 MEDIUM

Western Digital My Cloud <OS 5 - Path Traversal

CVE-2022-36327 MEDIUM

Western Digital My Cloud <OS 5 - Path Traversal

CVE-2022-34855 MEDIUM

Intel NUC Pro Software Suite < 2.0.0.3 - Authenticated Path Traversal

CVE-2022-47757 CRITICAL

imo.im 2022.11.1051 - Path Traversal and Arbitrary File Write via Unsanitized Deeplink

CVE-2022-47875 HIGH

Jedox Cloud - Authenticated Path Traversal and Remote Code Execution via /be/erpc.php

CVE-2022-48483 HIGH

3cx < 18.0.3.461 - Unauthenticated Path Traversal via Electron Download Endpoint

CVE-2022-48482 HIGH

3cx < 18.0.2.315 - Unauthenticated Path Traversal via Electron Download Endpoint

CVE-2022-48476 HIGH

JetBrains Ktor < 2.3.0 - Path Traversal via resolveResource Method

CVE-2022-34127 HIGH

Managentities <4.0.2 - Path Traversal

CVE-2022-34126 HIGH

GLPI Activity plugin < 3.1.1 - Path Traversal via front/cra.send.php File Parameter

CVE-2022-47501 HIGH

Apache OFBiz < 18.12.07 - Unauthenticated Arbitrary File Read via Solr Plugin

Previous Page 160 of 369 Next

Details

Vulnerabilities 9,220

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy