Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,220 vulnerabilities with CWE-22

CVE-2022-47506 HIGH

SolarWinds Orion Platform - Authenticated Path Traversal and Arbitrary Command Execution via Default Configuration Edit

CVE-2022-48323 CRITICAL

Sunlogin Sunflower Simplified 1.0.1.43315 - Unauthenticated Path Traversal via Crafted HTTP Request

CVE-2022-25937 MEDIUM

glance < 3.0.9 - Path Traversal

CVE-2022-47762 HIGH

gin-vue-admin < 2.5.5 - Path Traversal via Download Module

CVE-2022-3560 MEDIUM

pesign < 116 - Path Traversal via Symbolic Link Handling

CVE-2022-45783 MEDIUM

dotcms 4.0.0-22.10.2 - Authenticated Path Traversal and Remote Code Execution via API

CVE-2022-47768 HIGH

Serenissima Informatica Fast Checkin 1.0 - Path Traversal

CVE-2022-46835 HIGH

IdentityIQ <8.3p2, <8.2p5, <8.1p7, <8.0p6 - Path Traversal

CVE-2022-39059 HIGH

ChangingTech MegaServiSignAdapter - Path Traversal

CVE-2022-22731 MEDIUM

EcoStruxure Power Commission < 2.22 - Path Traversal and Arbitrary File Write

CVE-2022-0223 MEDIUM

EcoStruxure Power Commission <V2.22 - Path Traversal

CVE-2022-38451 HIGH

FreshTomato 2022.5 - Path Traversal

CVE-2022-25936 HIGH

servst < 2.0.3 - Path Traversal via Improper File Path Sanitization

CVE-2022-48285 HIGH

JSZip < 3.8.0 - Path Traversal via Crafted ZIP Archive

CVE-2022-43979 MEDIUM

Pandora FMS < 766 - Path Traversal and Local File Inclusion via Insufficient Path Validation

CVE-2022-39812 HIGH

Italtel NetMatch-S CI 5.2.0-20211008 - Unauthenticated Path Traversal via SaveFileUploader uploadDir Parameter

CVE-2022-2712 MEDIUM

Eclipse GlassFish 5.1.0-6.2.5 - Unauthenticated Path Traversal via Relative Path

CVE-2022-47951 MEDIUM

OpenStack Cinder/Glance/Nova Path Traversal via VMDK Image Backing File Reference

CVE-2022-41154 MEDIUM

Siretta QUARTZ-GOLD G5.0.1.5-210720-141020 - Path Traversal

CVE-2022-40701 HIGH

Siretta QUARTZ-GOLD Firmware G5.0.1.5-210720-141020 - Path Traversal via httpd delfile.cgi

CVE-2022-39045 HIGH

Siretta QUARTZ-GOLD G5.0.1.5-210720-141020 - File Write

CVE-2022-38088 MEDIUM

Siretta QUARTZ-GOLD G5.0.1.5-210720-141020 - Path Traversal

CVE-2022-4510 HIGH

binwalk 2.1.2b-2.3.3 - Path Traversal and Remote Code Execution via Malicious PFS Filesystem

CVE-2022-43864 HIGH

IBM Business Automation Workflow 22.0.2 - Path Traversal

CVE-2022-31706 CRITICAL

VMware vRealize Log Insight 3.0-4.8 - Unauthenticated Path Traversal and Remote Code Execution

Previous Page 162 of 369 Next

Details

Vulnerabilities 9,220

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy