Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,220 vulnerabilities with CWE-22

CVE-2022-33897 CRITICAL

Robustel R1510 <3.1.16 - Path Traversal

CVE-2022-41780 MEDIUM

F5OS-A/F5OS-C <1.1.0/<1.4.0 - Path Traversal

CVE-2022-42188 HIGH

Lavalite 9.0.0 - Path Traversal via XSRF-TOKEN Cookie

CVE-2022-39058 HIGH

RAVA Certificate Validation System - Unauthenticated Path Traversal

CVE-2022-22245 MEDIUM

Juniper Networks Junos OS <19.1R3-S9, <19.2 - Path Traversal

CVE-2022-3060 HIGH

GitLab CE/EE <12.7 - Info Disclosure

CVE-2022-23770 HIGH

wisa smart_wing_cms < 19051 - Remote Command Execution via API Constructor Parameter

CVE-2022-22128 CRITICAL

Tableau Server Administration Agent - Path Traversal

CVE-2022-38424 HIGH

Adobe ColdFusion <Update 14 - Path Traversal

CVE-2022-38423 MEDIUM

Adobe ColdFusion <Update 14 - Path Traversal

CVE-2022-38422 HIGH

Adobe ColdFusion <Update 14 - Path Traversal

CVE-2022-38421 HIGH

Adobe ColdFusion <Update 14 - Path Traversal

CVE-2022-38418 CRITICAL

Adobe ColdFusion <Update 14 - Path Traversal

CVE-2022-33937 HIGH

Dell GeoDrive 1.0-2.2 - Path Traversal

CVE-2022-39802 HIGH

SAP Manufacturing Execution 15.1-15.3 - Path Traversal via File Path Request Parameter

CVE-2022-39296 HIGH

melisplatform/melis-asset-manager < 5.0.1 - Unauthenticated Path Traversal and Arbitrary File Read

CVE-2022-34430 HIGH

Dell Hybrid Client >=1.5 <1.8 - Path Traversal via Zip Bomb in UI

CVE-2022-34426 HIGH

Dell Container Storage Modules 1.2 - Path Traversal & OS Command Injection

CVE-2022-2554 MEDIUM

Enable Media Replace <4.0.0 - Path Traversal

CVE-2022-39858 HIGH

Samsung FactoryCamera < 3.5.51 - Path Traversal and Arbitrary File Write via AtBroadcastReceiver

CVE-2022-3389 HIGH

ikus060/rdiffweb <2.4.10 - Path Traversal

CVE-2022-42308 CRITICAL

Veritas NetBackup < 8.2 - Path Traversal and Arbitrary File Deletion via pbx_exchange Registration

CVE-2022-42305 MEDIUM

Veritas NetBackup < 10.0.0.1 - Path Traversal via DiscoveryService

CVE-2022-40123 MEDIUM

mojoPortal v2.7 - Authenticated Path Traversal via 'f' Parameter in CssEditor.aspx

CVE-2022-34429 MEDIUM

Dell Hybrid Client - Path Traversal via Zip Slip in UI

Previous Page 170 of 369 Next

Details

Vulnerabilities 9,220

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy