Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,233 vulnerabilities with CWE-22

CVE-2021-21234 HIGH

eu.hinsch:spring-boot-actuator-logview <0.2.13 - Path Traversal

CVE-2021-3019 HIGH

lanproxy 0.1 - Path Traversal and Credential Exposure via config.properties

CVE-2020-37219 HIGH

Joomla com_fabrik 3.9.11 Directory Traversal via image.php

CVE-2020-37214 HIGH

Voyager 1.3.0 - Path Traversal via Asset Path Parameter

CVE-2020-37088 HIGH

School ERP Pro 1.0 - Info Disclosure

CVE-2020-37086 MEDIUM

Easy Transfer 1.7 iOS - Path Traversal

CVE-2020-37077 MEDIUM

Booked Scheduler 2.7.7 - Path Traversal

CVE-2020-37041 HIGH

OpenCTI 3.3.1 - Unauthenticated Directory Traversal via Static CSS Endpoint

CVE-2020-37034 HIGH

HelloWeb 2.0 - Path Traversal and Arbitrary File Download via download.asp

CVE-2020-37015 HIGH

Ruijie Networks Switch eWeb S29_RGOS 11.4 - Path Traversal

CVE-2020-36970 HIGH

PMB Services 5.6 - Path Traversal and Arbitrary File Read via getgif.php chemin Parameter

CVE-2020-36939 HIGH

Cassandra Web 0.5.0 - Path Traversal

CVE-2020-36909 MEDIUM

SnapGear Management Console SG560 3.1.5 - Privilege Escalation

CVE-2020-36898 CRITICAL

QiHang Media Web Digital Signage 3.0.9 - Path Traversal

CVE-2020-36893 HIGH

Eibiz i-Media Server Digital Signage 3.8.0 - Path Traversal

CVE-2020-36883 HIGH

SpinetiX Fusion Digital Signage <3.4.8 - Path Traversal

CVE-2020-3538 MEDIUM

Cisco Data Center Network Manager < 11.4(1) - Authenticated Path Traversal via REST API Endpoint

CVE-2020-26071 HIGH

Cisco Catalyst SD-WAN Manager - Authenticated Arbitrary File Write via CLI Command

CVE-2020-36836 HIGH

WP Fastest Cache <0.9.0.2 - Privilege Escalation

CVE-2020-24102 HIGH

Punkbuster pbsv.d64 <2.351 - Path Traversal

CVE-2020-24113 CRITICAL

Yealink W60B <77.83.0.85 - Path Traversal

CVE-2020-26037 CRITICAL

Even Balance Punkbuster 1.902-1.905 - Remote Code Execution via Directory Traversal

CVE-2020-27514 CRITICAL

ZrLog 2.1.15 - Path Traversal and Arbitrary File Deletion via TemplateController

CVE-2020-26065 MEDIUM

Cisco Catalyst SD-WAN Manager - Authenticated Path Traversal via HTTP Request

CVE-2020-22623 HIGH

Jinfornet Jreport <15.6 - Info Disclosure

Previous Page 212 of 370 Next

Details

Vulnerabilities 9,233

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy