Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,220 vulnerabilities with CWE-22

CVE-2022-20791 MEDIUM

Cisco Unified Communications Manager < 11.5(1.10000.6) & IM & Presence Service < 12.5(1) - Arbitrary File Read

CVE-2022-31836 CRITICAL

beego < 2.0.3 and 1.12.0-1.12.11 and 2.0.0-2.0.3 - Path Traversal via leafInfo.match()

CVE-2022-32551 HIGH

ManageEngine ServiceDesk Plus MSP < 10604 - Path Traversal via WEBINF/web.xml

CVE-2022-28127 CRITICAL

Robustel R1510 Firmware 3.3.0 - Unauthenticated Arbitrary File Deletion via Web Server Remove API

CVE-2022-33116 MEDIUM

GUnet Open eClass Platform <3.12.4 - Path Traversal

CVE-2022-2106 LOW

Elcomplus SmartICS <2.3.4.0 - Path Traversal

CVE-2022-1953 CRITICAL

Product Configurator for WooCommerce <1.2.32 - Path Traversal

CVE-2022-29097 MEDIUM

Dell Wyse Management Suite < 3.6.1 - Path Traversal in Device API

CVE-2022-30117 CRITICAL

Concrete CMS < 8.5.8 and 9.0.0-9.0.2 - Authenticated Path Traversal and Arbitrary File Delete via File Upload Endpoint

CVE-2022-2120 HIGH

OFFIS DCMTK <3.6.7 - Path Traversal

CVE-2022-2119 HIGH

OFFIS DCMTK <3.6.7 - Path Traversal

CVE-2022-1518 CRITICAL

illumina local_run_manager 1.3-3.1 - Path Traversal via File Upload

CVE-2022-34179 HIGH

Jenkins Embeddable Build Status Plugin <2.0.3 - Path Traversal

CVE-2022-34177 HIGH

Jenkins Pipeline: Input Step Plugin <448.v37cea_9a_10a_70 - Privile...

CVE-2022-31395 HIGH

Algo Communication Products Ltd. 8373 - Path Traversal

CVE-2022-33995 HIGH

Drevolutions Remote Desktop Manager <2022.2 - Path Traversal

CVE-2022-29774 CRITICAL

iSpy 7.2.2.0 - Remote Command Execution via Path Traversal

CVE-2022-31062 MEDIUM

glpi_inventory < 1.0.2 - Local File Inclusion via Public Script

CVE-2022-25856 HIGH

argo-events < 1.7.1 - Path Traversal in GitArtifactReader

CVE-2022-31372 HIGH

Wiris Mathtype <7.28.0 - Path Traversal

CVE-2022-32328 CRITICAL

Fast Food Ordering System 1.0 - Path Traversal and Arbitrary File Deletion via Master.php delete_img Parameter

CVE-2022-29509 HIGH

T&D Data Server < 2.22 (Japanese) and < 2.30 (English) and THERMO RECORDER DATA SERVER < 2.13 - Path Traversal

CVE-2022-1657 HIGH

Jupiter and JupiterX - Authenticated Path Traversal and Local File Inclusion via Control Panel Pane Action

CVE-2022-26041 MEDIUM

generex rccmd < 4.26 - Authenticated Path Traversal and Arbitrary File Write

CVE-2022-29094 HIGH

Dell SupportAssist Client Consumer <3.10.4 & Commercial <3.1.1 - Pr...

Previous Page 180 of 369 Next

Details

Vulnerabilities 9,220

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy