Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,223 vulnerabilities with CWE-22

CVE-2021-31746 CRITICAL

Pluck 4.7.15 - Path Traversal and Arbitrary Code Execution via Zip File Upload

CVE-2021-41449 HIGH

Netgear RAX35, RAX38, and RAX40 Firmware < 1.0.4.102 - Unauthenticated Path Traversal

CVE-2021-25511 MEDIUM

FilterProvider <SMR Dec-2021 Release 1 - Path Traversal

CVE-2021-41024 HIGH

FortiProxy 7.0.0 and FortiOS 7.0.0-7.0.1 - Unauthenticated Path Traversal via Login Page GET Request

CVE-2021-20040 HIGH

SonicWall SMA 200/210/400/410/500v Firmware - Unauthenticated Path Traversal via Upload Function

CVE-2021-44725 HIGH

KNIME Server < 4.13.4 - Path Traversal via Client Profile Request

CVE-2021-43798 HIGH KEV

Grafana Plugin Path Traversal

CVE-2021-43176 HIGH

GOautodial <3c3a979 - Code Injection

CVE-2021-37099 CRITICAL

HarmonyOS < 2.0 - Path Traversal and Arbitrary File Deletion

CVE-2021-37088 CRITICAL

HarmonyOS < 2.0 - Path Traversal and Arbitrary File Write

CVE-2021-37087 CRITICAL

HarmonyOS < 2.0 - Path Traversal and Arbitrary File Write

CVE-2021-37064 CRITICAL

HarmonyOS < 2.0 - Path Traversal and Arbitrary File Write

CVE-2021-43800 HIGH

wiki.js < 2.5.254 - Path Traversal via Local Asset Cache on Windows

CVE-2021-43676 CRITICAL

matyhtf framework <3.0.5 - Path Traversal

CVE-2021-44278 CRITICAL

Librenms 21.11.0 - Path Traversal in showconfig.inc.php

CVE-2021-43674 CRITICAL

ThinkUp <2.0-beta.10 - Path Traversal

CVE-2021-43795 HIGH

Armeria < 1.13.4 - Path Traversal via URL-Encoded Forward Slash Bypass

CVE-2021-43358 HIGH

Sunnet eHRD - Unauthenticated Path Traversal via URL Special Character Injection

CVE-2021-43788 MEDIUM

NodeBB 1.0.4-1.18.4 - Path Traversal via Language File Access

CVE-2021-43783 HIGH

@backstage/plugin-scaffolder-backend - Path Traversal

CVE-2021-43691 CRITICAL

tripexpress v1.1 - Path Traversal in load_font.php via src Parameter

CVE-2021-32061 MEDIUM

s3scanner < 2.0.2 - Path Traversal via Crafted Bucket Key

CVE-2021-41279 HIGH

BaserCMS < 4.5.4 - Path Traversal via Crafted Zip File Upload

CVE-2021-43778 CRITICAL

GLPI Barcode Plugin 2.0-2.6.0 - Path Traversal via front/send.php

CVE-2021-43775 HIGH

Aim < 3.1.0 - Path Traversal via File Reference Manipulation

Previous Page 196 of 369 Next

Details

Vulnerabilities 9,223

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy