Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,220 vulnerabilities with CWE-22

CVE-2022-43858 MEDIUM

IBM Navigator for i <7.5 - Privilege Escalation

CVE-2022-43857 MEDIUM

IBM Navigator for i <7.5 - Auth Bypass

CVE-2022-3184 CRITICAL

Dataprobe iBoot-PDU Firmware < 1.42.06162022 - Unauthenticated Path Traversal and Arbitrary File Write via Old PHP Page

CVE-2022-36221 MEDIUM

Nokia Fastmile 3tg00118abad52 - Path Traversal

CVE-2022-25895 HIGH

lite-dev-server - Path Traversal via req.url Input

CVE-2022-41591 HIGH

Huawei EMUI and HarmonyOS - Path Traversal in Backup Module

CVE-2022-25931 HIGH

easy-static-server - Path Traversal via req.url Input

CVE-2022-41418 HIGH

BlogEngine.NET 3.3.8.0 - Remote Code Execution via Crafted PNG Upload

CVE-2022-40607 MEDIUM

IBM Spectrum Scale < 5.1.4.0 - Path Traversal via Pod and Persistent Volume Claim

CVE-2022-4063 CRITICAL

InPost Gallery <2.1.4.1 - Code Injection

CVE-2022-4594 MEDIUM

TJWS2 < 2022-05-24 - Path Traversal in WarRoller.java deployWar Function

CVE-2022-4583 MEDIUM

jLEMS < 2022-07-29 - Path Traversal via unpackJar Function

CVE-2022-4572 MEDIUM

UBI Reader < 0.8.0 - Path Traversal in UBIFS File Handler

CVE-2022-23531 MEDIUM

GuardDog < 0.1.5 - Arbitrary File Write via Tarfile Extraction Path Traversal

CVE-2022-23530 MEDIUM

GuardDog < 0.1.8 - Arbitrary File Write via Tarball Extraction

CVE-2022-46137 HIGH

AeroCMS 0.0.1 - Path Traversal

CVE-2022-20505 MEDIUM

Android 13 - Path Traversal in CallLogProvider

CVE-2022-45969 CRITICAL

Alist 3.4.0 - Path Traversal

CVE-2022-4511 MEDIUM

DocSys - Path Traversal in UserController#getUserImg

CVE-2022-32573 CRITICAL

Lansweeper 10.1.1.0 - Path Traversal and Arbitrary File Upload via AssetActions.aspx addDoc

CVE-2022-29517 CRITICAL

Lansweeper 10.1.1.0 - Path Traversal and Arbitrary File Upload via HelpdeskActions.aspx

CVE-2022-29511 MEDIUM

Lansweeper 10.1.1.0 - Path Traversal and Arbitrary File Read via KnowledgebasePageActions.aspx ImportArticles

CVE-2022-27498 MEDIUM

Lansweeper 10.1.1.0 - Path Traversal and Arbitrary File Read via TicketTemplateActions.aspx GetTemplateAttachment

CVE-2022-31703 HIGH

vRealize Log Insight < 8.10.1 - Unauthenticated Path Traversal and Remote Code Execution

CVE-2022-46256 HIGH

GitHub Enterprise Server - Path Traversal

Previous Page 165 of 369 Next

Details

Vulnerabilities 9,220

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy