Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,223 vulnerabilities with CWE-22

CVE-2021-41281 HIGH

Synapse < 1.47.1 - Unauthenticated Path Traversal via Media Repository

CVE-2021-24644 HIGH

Images to WebP < 1.9 - Local File Inclusion via Unsanitized Tab Parameter

CVE-2021-37023 MEDIUM

HarmonyOS - Improper Access Control

CVE-2021-38146 HIGH

Wipro Holmes Orchestrator <20.4.1 - Path Traversal

CVE-2021-33491 MEDIUM

OX App Suite <7.10.5 - Path Traversal

CVE-2021-43555 HIGH

mySCADA myDESIGNER <8.20.0 - Path Traversal

CVE-2021-22028 CRITICAL

Greenplum < 5.28.6 - Path Traversal and Arbitrary File Write

CVE-2021-37938 MEDIUM

Kibana 7.9.0-7.15.1 - Path Traversal via .pbf File Loading

CVE-2021-41277 CRITICAL KEV

Metabase - Path Traversal and Local File Inclusion via Custom GeoJSON Map URL

CVE-2021-40745 HIGH

Adobe Campaign <21.2.1 - Path Traversal

CVE-2021-41950 CRITICAL

ResourceSpace 9.6 - Unauthenticated Path Traversal and Arbitrary File Deletion via Tiles Endpoint

CVE-2021-43495 HIGH

AlquistManager - Path Traversal in IO/input.py

CVE-2021-43493 HIGH

ServerManagement - Path Traversal and Credential Exposure

CVE-2021-43492 HIGH

AlquistManager - Path Traversal

CVE-2021-43496 HIGH

Clustering - Path Traversal

CVE-2021-43494 HIGH

OpenCV-REST-API - Path Traversal

CVE-2021-34422 HIGH

Keybase < 5.7.0 - Path Traversal and Remote Code Execution via Team Folder File Upload

CVE-2021-3907 HIGH

OctoRPKI < 1.3.0 - Path Traversal and Remote Code Execution via Unsanitized URI Filename

CVE-2021-22870 MEDIUM

GitHub Enterprise Server <3.3 - Path Traversal

CVE-2021-42021 HIGH

Siveillance Video DLNA Server 2019 R1-2021 R1 - Unauthenticated Path Traversal

CVE-2021-40359 HIGH

SIMATIC BATCH - Path Traversal via File Download

CVE-2021-40358 CRITICAL

SIMATIC PCS 7 & WinCC - Path Traversal

CVE-2021-3924 HIGH

Grav < 1.7.24 - Path Traversal

CVE-2021-3916 MEDIUM

BookStack < 21.10.3 - Path Traversal

CVE-2021-21698 HIGH

Jenkins Subversion Plugin < 2.15.0 - Path Traversal via Subversion Key File Lookup

Previous Page 197 of 369 Next

Details

Vulnerabilities 9,223

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy