Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,223 vulnerabilities with CWE-22

CVE-2021-21894 CRITICAL

Lantronix PremierWave 2050 8.9.0.0R4 Path Traversal & Arbitrary File Write via Web Manager

CVE-2021-21886 MEDIUM

Lantronix PremierWave 2050 Firmware 8.9.0.0R4 - Authenticated Path Traversal via Web Manager FSBrowsePage

CVE-2021-21885 HIGH

Lantronix PremierWave 2050 Firmware 8.9.0.0R4 - Authenticated Path Traversal via Web Manager FsMove

CVE-2021-21880 HIGH

Lantronix PremierWave 2050 Firmware 8.9.0.0R4 - Authenticated Path Traversal via Web Manager FsCopyFile

CVE-2021-21879 HIGH

Lantronix PremierWave 2050 8.9.0.0R4 - Authenticated Path Traversal and Arbitrary File Write via Web Manager File Upload

CVE-2021-45418 HIGH

Starcharge Titan 180 Premium <1.3.0.0.6 & Nova 360 Cabinet <1.3.0.0.7b102 Path Traversal

CVE-2021-44162 HIGH

Chinasea QB Smart Service Robot - Path Traversal

CVE-2021-23797 HIGH

http-server-node - Path Traversal via --path-as-is

CVE-2021-43840 MEDIUM

message_bus <3.3.7 - Path Traversal

CVE-2021-32498 HIGH

SICK SOPAS ET < 4.8.0 - Path Traversal and Arbitrary Executable Execution via Emulator Pathname

CVE-2021-3960 HIGH

Bitdefender GravityZone < 3.3.8.272 - Remote Code Execution via UpdateServer Path Traversal

CVE-2021-43836 HIGH

Sulu <1.6.44-2.4.0 - Info Disclosure

CVE-2021-43831 HIGH

gradio < 2.5.0 - Unauthenticated Path Traversal

CVE-2021-45043 HIGH

HD-Network Real-time Monitoring System 2.0 - Path Traversal via Language Parameter

CVE-2021-44232 HIGH

SAF-T Framework - Path Traversal in Transaction SAFTN_G

CVE-2021-39312 HIGH

True Ranker <= 2.2.2 - Unauthenticated Arbitrary File Read via src Parameter

CVE-2021-45015 CRITICAL

taocms 3.0.2 - Arbitrary File Deletion via file.php

CVE-2021-42022 MEDIUM

SIMATIC eaSie PCS 7 Skill Package < V21.00 SP3 - Path Traversal via File Download Function

CVE-2021-41547 HIGH

Teamcenter Active Workspace < 4.3.11, < 5.0.10, < 5.1.6, < 5.2.3 - Path Traversal & RCE via Unsafe Unzipping

CVE-2021-44965 HIGH

PHPGURUKUL Employee Record Management System 1.2 - Path Traversal in Admin Includes Directory

CVE-2021-24970 HIGH

All-in-One Video Gallery <2.5.0 - Code Injection

CVE-2021-40858 MEDIUM

Auerswald COMpact 5500R <8.2B - Info Disclosure

CVE-2021-41242 HIGH

OpenOlat <15.5.12-16.0.5 - Path Traversal

CVE-2021-43815 MEDIUM

Grafana <8.3.2, <7.5.12 - Path Traversal

CVE-2021-43813 MEDIUM

Grafana <8.3.2, <7.5.12 - Path Traversal

Previous Page 195 of 369 Next

Details

Vulnerabilities 9,223

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy