Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,233 vulnerabilities with CWE-22

CVE-2020-21862 HIGH

DuxCMS 2.1 - Path Traversal and Arbitrary File Deletion via AdminBackup Endpoint

CVE-2020-19902 CRITICAL

wcms 0.3.2 - Path Traversal via wex/cssjs.php Parameter

CVE-2020-36728 MEDIUM

Adning Advertising <1.5.5 - Path Traversal

CVE-2020-20012 CRITICAL

WebPlus Pro v1.4.7.8.4-01 - Path Traversal

CVE-2020-13377 HIGH

Loadbalancer.org Enterprise VA MAX <8.3.8 - Path Traversal

CVE-2020-19678 HIGH

pfSense Suricata Package 1.0.1 - Directory Traversal via suricata_logs_browser.php file Parameter

CVE-2020-19279 CRITICAL

B3log Wide - Directory Traversal via Symbolic Links

CVE-2020-5001 MEDIUM

IBM Financial Transaction Manager 3.2.0-3.2.7 - Path Traversal via URL Request

CVE-2020-18331 CRITICAL

ChinaMobile PLC Wireless Router - Path Traversal

CVE-2020-18330 CRITICAL

ChinaMobile PLC Wireless Router <W2000EN-01 - Info Disclosure

CVE-2020-36651 MEDIUM

Youngerheart nodeserver - Path Traversal

CVE-2020-36647 MEDIUM

YunoHost-Apps transmission_ynh - Path Traversal

CVE-2020-36639 MEDIUM

AlliedModders AMX Mod X < 2020-05-28 - Path Traversal via amx_votemap Argument

CVE-2020-36566 CRITICAL

tar-utils - Path Traversal via Relative File Paths

CVE-2020-36561 CRITICAL

unzip < 1.0.3-0.20200308084313-2adbaa4891b9 - Path Traversal via Archive Extraction

CVE-2020-36560 CRITICAL

go-unzip < 1.0.0 and artdarek/go-unzip < 2.0.0 - Path Traversal via Archive Extraction

CVE-2020-36559 HIGH

aah < 0.12.4 - Path Traversal via HTTPEngine.Handle

CVE-2020-36629 MEDIUM

httpster < 1.1.0 - Path Traversal via fs.realpathSync

CVE-2020-36628 MEDIUM

Calsign APDE <0.5.2-pre2-alpha - Path Traversal

CVE-2020-24855 MEDIUM

easywebpack-cli < 4.5.2 - Path Traversal via Crafted GET Request

CVE-2020-36565 MEDIUM

Labstack Echo <= 4.2.0 - Path Traversal

CVE-2020-12508 HIGH

s::can moni::tools <4.2 - Path Traversal

CVE-2020-12509 HIGH

s::can moni::tools <4.2 - Path Traversal

CVE-2020-21642 CRITICAL

ManageEngine Analytics Plus < 4350 - Remote Code Execution via ZDBQAREFSUBDIR Path Traversal

CVE-2020-21365 HIGH

wkhtmltopdf <= 0.12.5 - Path Traversal via Crafted HTML File

Previous Page 213 of 370 Next

Details

Vulnerabilities 9,233

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy