Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,220 vulnerabilities with CWE-22

CVE-2022-29093 HIGH

Dell SupportAssist Client Consumer <3.10.4-Commercial <3.1.1 - Priv...

CVE-2022-24278 HIGH

convert-svg-core <0.6.4 - Path Traversal

CVE-2022-1993 HIGH

Gogs < 0.12.9 - Path Traversal

CVE-2022-1992 CRITICAL

Gogs < 0.12.9 - Path Traversal

CVE-2022-24840 CRITICAL

django-s3file < 5.5.1 - Path Traversal in AWS S3 Bucket

CVE-2022-0779 MEDIUM

User Meta WordPress Plugin < 2.4.4 - Path Traversal via um_show_uploaded_file AJAX Action

CVE-2022-28478 MEDIUM

SeedDMS <6.0.17, <5.1.24 - Path Traversal

CVE-2022-32275 HIGH

Grafana 8.4.3 - Path Traversal via Snapshot URI

CVE-2022-31483 CRITICAL

HID Mercury Intelligent Controllers <1.271 - Privilege Escalation

CVE-2022-32270 CRITICAL

RealPlayer 20.0.7.309 and 20.0.8.310 - Remote Code Execution via Directory Traversal in Import Function

CVE-2022-29597 MEDIUM

Solutions Atlantic Regulatory Reporting System v500 - Authenticated Local File Inclusion via ShowDocument.aspx

CVE-2022-30804 MEDIUM

elitecms 1.01 - Unauthenticated Arbitrary File Deletion via delete_image.php

CVE-2022-28945 CRITICAL

Webbank WeCube <3.2.2 - Path Traversal

CVE-2022-1661 HIGH

Keysight N6854A and N6841A RF Firmware < 2.4.0 - Path Traversal

CVE-2022-23082 HIGH

CureKit 1.0.1-1.1.3 - Path Traversal via isFileOutsideDir Input Sanitization Bypass

CVE-2022-30508 MEDIUM

dedecms v5.7.93 - Arbitrary File Deletion via upload.php delete parameter

CVE-2022-1664 CRITICAL

dpkg 1.14.17-1.18.25 - Directory Traversal via Crafted Source Package Extraction

CVE-2022-29253 LOW

XWiki Platform <12.10.3,14.0 - Path Traversal

CVE-2022-30427 HIGH

ginadmin < 2022-05-10 - Path Traversal

CVE-2022-30321 HIGH

HashiCorp go-getter < 1.5.11, 2.0.2 - Path Traversal and Command Injection

CVE-2022-1850 HIGH

filegator < 7.8.0 - Path Traversal

CVE-2022-31268 HIGH

Gitblit 1.9.3 - Path Traversal via /resources//../

CVE-2022-1359 MEDIUM

Cambium Networks cnMaestro - Arbitrary File Write via Path Traversal in On-Premise Route

CVE-2022-29332 MEDIUM

D-LINK DIR-825 AC1200 R2 - Path Traversal

CVE-2022-1721 HIGH

drawio < 18.0.5 - Path Traversal via WellKnownServlet

Previous Page 181 of 369 Next

Details

Vulnerabilities 9,220

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy