Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,233 vulnerabilities with CWE-22

CVE-2020-7649 MEDIUM

Snyk Broker < 4.73.0 - Path Traversal via Directory Traversal

CVE-2020-25150 HIGH

B. Braun SpaceCom < L81 & Data Module CompactPlus A10-A11 - Authenticated Path Traversal & Arbitrary File Write

CVE-2020-25176 CRITICAL

Schneider-electric Easergy T300 Firmware < 2.7.1 - Path Traversal

CVE-2020-27467 HIGH

Processwire CMS <2.7.1 - Path Traversal

CVE-2020-14523 HIGH

Mitsubishielectric CW Configurator < 1.010l - Path Traversal

CVE-2020-17383 CRITICAL

Telos Z/IP One <4.0.0r - Path Traversal

CVE-2020-19858 HIGH

plutinosoft platinum < 1.2.0 - Path Traversal via UPnP Privacy Endpoint

CVE-2020-29050 HIGH

SphinxSearch < 3.1.1 - Path Traversal via MySQL Client CALL SNIPPETS

CVE-2020-20944 CRITICAL

Qibosoft v7 - Arbitrary File Deletion via Admin Index PHP Parameter

CVE-2020-7882 HIGH

Hancom AnySign4PC - Path Traversal and Arbitrary File Deletion via getPFXFolderList Parameter

CVE-2020-18438 HIGH

qinggan phpok <5.1 - Info Disclosure

CVE-2020-25881 MEDIUM

RKCMS - Path Traversal via filename Parameter

CVE-2020-25873 MEDIUM

Baijiacms V4 - Path Traversal and Arbitrary Folder Deletion via ID Parameter

CVE-2020-25872 MEDIUM

FrogCMS 0.9.5 - Path Traversal via FileManagerController.php URL Parameter

CVE-2020-36488 MEDIUM

Sky File 2.1.0 - Path Traversal via /null// Path Commands

CVE-2020-23061 HIGH

Dropouts Technologies LLP Super Backup <2.0.5 - Path Traversal

CVE-2020-23040 HIGH

Sky File 2.1.0 - Path Traversal via Null Path Commands

CVE-2020-23038 HIGH

Swift File Transfer Mobile <1.1.2 - Info Disclosure

CVE-2020-27304 CRITICAL

CivetWeb 1.8-1.14 - Path Traversal via File Upload Form Handler

CVE-2020-15941 MEDIUM

FortiClientEMS < 6.4.1 and <= 6.2.8 - Authenticated Path Traversal via Deployment Package Name Parameter

CVE-2020-19154 MEDIUM

Jfinal CMS <4.7.1 - Info Disclosure

CVE-2020-19150 HIGH

Jfinal CMS <4.7.1 - Info Disclosure

CVE-2020-19147 MEDIUM

Jfinal CMS <4.7.1 - Info Disclosure

CVE-2020-19146 MEDIUM

Jfinal CMS <4.7.1 - Info Disclosure

CVE-2020-18127 MEDIUM

Indexhibit 2.1.5 - Path Traversal in /config/config.php

Previous Page 214 of 370 Next

Details

Vulnerabilities 9,233

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy