Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,248 vulnerabilities with CWE-22

CVE-2020-7535 HIGH

Modicon M340 BMXP341000 Firmware < 3.30 - Path Traversal via HTTP Request

CVE-2020-26837 CRITICAL

SAP Solution Manager 7.2 - Path Traversal

CVE-2020-27896 MEDIUM

macOS 10.14.0-10.14.5 and 11.0 - Path Traversal and Arbitrary File Write

CVE-2020-10014 MEDIUM

macOS < 11.0.1 - Sandbox Escape via Path Traversal

CVE-2020-10010 HIGH

iPadOS < 14.2 - Path Traversal

CVE-2020-29600 CRITICAL

AWStats < 7.7 - Path Traversal via config Parameter

CVE-2020-29529 HIGH

HashiCorp go-slug <0.5.0 - Path Traversal

CVE-2020-28993 HIGH

ATX miniCMTS200a Broadband Gateway and Pico CMTS <= 2.0 - Unauthenticated Path Traversal

CVE-2020-29373 MEDIUM

Linux Kernel < 5.6 - Path Traversal via io_uring Root Directory Handling

CVE-2020-13886 MEDIUM

Intelbras TIP 200/TIP 200 LITE 60.61.75.15 & TIP 300 65.61.75.22 - Path Traversal

CVE-2020-4000 HIGH

VMware SD-WAN Orchestrator < 3.3.2 P3, 3.4.x < 3.4.4, 4.0.x < 4.0.1 - Authenticated Path Traversal and Code Execution

CVE-2020-28348 MEDIUM

HashiCorp Nomad 0.9.0-0.12.7 - Path Traversal via Docker File Sandbox

CVE-2020-15929 CRITICAL

Ortus TestBox 2.4.0-4.1.0 - Remote Code Execution via HTMLRunner.cfm Query Parameters

CVE-2020-15928 MEDIUM

Ortus TestBox 2.4.0-4.1.0 - Path Traversal via test-browser/index.cfm Query Parameters

CVE-2020-15246 HIGH

October CMS <1.0.469 - Info Disclosure

CVE-2020-13355 HIGH

GitLab CE/EE >=8.14,<13.3.9,>=13.4,<13.4.5,>=13.5,<13.5.2 - Path Tr...

CVE-2020-28574 HIGH

Trend Micro Worry-Free Business Security 10 SP1 - Unauthenticated Path Traversal and Arbitrary File Deletion

CVE-2020-26078 MEDIUM

Cisco IoT FND - Privilege Escalation

CVE-2020-26405 HIGH

GitLab 12.8-13.2.9 13.4-13.4.4 13.5-13.5.1 - Path Traversal and Arbitrary File Write via Package Upload

CVE-2020-27553 HIGH

BASETech GE-131 BT-1837836 - Info Disclosure

CVE-2020-8271 CRITICAL

Citrix SD-WAN Center <11.2.2-10.2.8 - RCE

CVE-2020-27385 HIGH

FlexDotnetCMS <1.5.11 - Path Traversal

CVE-2020-12315 CRITICAL

Intel Endpoint Management Assistant < 1.3.3 - Unauthenticated Path Traversal

CVE-2020-25074 CRITICAL

MoinMoin < 1.9.10 - Path Traversal and Remote Code Execution via Cache Action

CVE-2020-14366 MEDIUM

Keycloak < 12.0.0 - Path Traversal via URL-Encoded Path Segments

Previous Page 220 of 370 Next

Details

Vulnerabilities 9,248

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy