Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,220 vulnerabilities with CWE-22

CVE-2022-20962 LOW

Cisco Identity Services Engine - Authenticated Path Traversal and Arbitrary File Write via Absolute Path Sequences

CVE-2022-41670 HIGH

SGIUtility <V3.3 Hotfix 1 - Path Traversal

CVE-2022-41667 HIGH

EcoStruxure Operator Terminal Expert <V3.3 Hotfix 1 - Path Traversal

CVE-2022-43451 HIGH

OpenHarmony <v3.1.2 - Path Traversal

CVE-2022-32287 HIGH

Apache UIMA < 3.3.0 - Path Traversal via ZIP Entry in PEAR File

CVE-2022-32938 MEDIUM

iPadOS < 16.0 - Path Traversal via Shortcut Path Handling

CVE-2022-34662 MEDIUM

Apache DolphinScheduler < 3.0.0 - Authenticated Path Traversal via Resource Center

CVE-2022-41772 CRITICAL

Delta Electronics InfraSuite Device Master <0.00.01a - Path Traversal

CVE-2022-41657 CRITICAL

Delta Electronics InfraSuite Device Master <00.00.01a - Code Injection

CVE-2022-40742 MEDIUM

Mail SQR Expert - Unauthenticated Local File Inclusion via .asp File Extension

CVE-2022-39023 MEDIUM

U-Office Force < 20.50.7821d - Authenticated Path Traversal via Download Function

CVE-2022-39022 MEDIUM

U-Office Force < 20.50.7821d - Authenticated Path Traversal via Download Function

CVE-2022-39367 HIGH

QTIWorks < 1.0-beta15 - Path Traversal via ZIP File Extraction

CVE-2022-26884 MEDIUM

Apache DolphinScheduler <2.0.6 - Info Disclosure

CVE-2022-3387 MEDIUM

Advantech R-SeeNet <2.4.19 - Path Traversal

CVE-2022-0072 MEDIUM

OpenLiteSpeed 1.5.11-1.5.12 1.6.5-1.6.20.1 <1.7.16.1 - Path Traversal

CVE-2022-20955 MEDIUM

Cisco TelePresence Collaboration Endpoint and RoomOS - Path Traversal and Arbitrary File Write

CVE-2022-20954 MEDIUM

Cisco TelePresence Collaboration Endpoint < 10.19.1 and RoomOS - Path Traversal and Arbitrary File Write

CVE-2022-20953 MEDIUM

Cisco TelePresence Collaboration Endpoint < 10.19.1 and RoomOS - Path Traversal

CVE-2022-20822 HIGH

Cisco Identity Services Engine - Authenticated Path Traversal and Arbitrary File Deletion via Web Interface

CVE-2022-20811 MEDIUM

Cisco TelePresence 9.0.0.0-9.15.12.9 & RoomOS <10.15.1 - Path Traversal & Arbitrary File Write

CVE-2022-20776 MEDIUM

Cisco TelePresence CE/RoomOS - Path Traversal

CVE-2022-43748 MEDIUM

Synology Presto File Server <2.1.2-1601 - Path Traversal

CVE-2022-39345 CRITICAL

gin-vue-admin < 2.5.4 - Path Traversal and Arbitrary File Write

CVE-2022-38196 MEDIUM

Esri ArcGIS Server <10.9.1 - Path Traversal

Previous Page 169 of 369 Next

Details

Vulnerabilities 9,220

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy