Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,220 vulnerabilities with CWE-22

CVE-2022-29844 MEDIUM

Western Digital My Cloud OS 5 - Path Traversal and Arbitrary File Write via FTP Service

CVE-2022-25882 HIGH

ONNX < 1.13.0 - Path Traversal via Tensor Proto External Data Field

CVE-2022-21192 HIGH

serve-lite - Path Traversal via req.url

CVE-2022-46639 HIGH

Correos Prestashop <1.7.x - Path Traversal

CVE-2022-46959 MEDIUM

sonic < 1.0.5 - Path Traversal via /admin/backups/work-dir

CVE-2022-47747 HIGH

uber/kraken <= 0.1.4 - Arbitrary File Read via testfs Component

CVE-2022-43975 HIGH

GE Grid Solutions MS3000 <3.7.6.25p0-4.7p0 - Path Traversal

CVE-2022-2893 HIGH

RONDS EPM 1.19.5 - Path Traversal via Filename Parameter

CVE-2022-41956 MEDIUM

Autolab < 2.10.0 - Path Traversal and Arbitrary File Read via Remote Handin Feature

CVE-2022-23532 HIGH

APOC < 4.3.0.12 - Path Traversal via apoc.export.* Procedures

CVE-2022-45299 CRITICAL

webbrowser < 0.8.3 - Path Traversal via IpFile Argument

CVE-2022-42136 HIGH

MailEnable < 8.66 - Authenticated Remote Code Execution via Public Folder File Upload

CVE-2022-3693 HIGH

FileOrbis File Management System < 10.6.3 - Path Traversal

CVE-2022-3782 CRITICAL

Keycloak - Path Traversal via Double URL Encoding

CVE-2022-42287 MEDIUM

NVIDIA BMC < 00.19.07 - Authenticated Path Traversal and Arbitrary File Upload/Download via IPMI Handler

CVE-2022-42282 MEDIUM

NVIDIA BMC < 00.19.07 - Authenticated Path Traversal via SPX REST API

CVE-2022-42280 HIGH

NVIDIA BMC < 00.19.07 - Unauthenticated Path Traversal in SPX REST Auth Handler

CVE-2022-4885 MEDIUM

sviehb jefferson <0.4 - Path Traversal

CVE-2022-48253 CRITICAL

Nostromo < 2.1 - Path Traversal and Remote Code Execution via homedirs Option

CVE-2022-4636 HIGH

Black Box KVM Firmware <3.4.31307 - Path Traversal

CVE-2022-45093 HIGH

SINEC INS < V1.0 SP2 Update 1 - Authenticated Path Traversal and Arbitrary File Write via Web Based Management and SFTP

CVE-2022-45092 CRITICAL

SINEC INS < V1.0 SP2 Update 1 - Authenticated Path Traversal and Arbitrary File Write via Web Based Management

CVE-2022-43514 HIGH

Automation License Manager <6.0 SP9 Upd4 - Path Traversal

CVE-2022-36928 MEDIUM

Zoom for Android < 5.13.0 - Path Traversal and Arbitrary File Write via Application Data Directory

CVE-2022-4884 LOW

Tribe29 Checkmk <=2.0.0p32, <=2.1.0p18 - Path Traversal

Previous Page 163 of 369 Next

Details

Vulnerabilities 9,220

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy