Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,248 vulnerabilities with CWE-22

CVE-2020-4776 HIGH

IBM Curam Social Program Management 7.0.9-7.0.10 - Path Traversal via URL Request

CVE-2020-3597 MEDIUM

Cisco Nexus Data Broker < 3.9(0) - Unauthenticated Path Traversal via Configuration Restore Feature

CVE-2020-13347 CRITICAL

Gitlab Runner <13.2.4-13.4.1 - Command Injection

CVE-2020-25985 HIGH

MonoCMS Blog 1.0 - Authenticated Arbitrary File Deletion

CVE-2020-26603 MEDIUM

Samsung mobile devices O(8.x)-Q(10.0) - Path Traversal

CVE-2020-15239 LOW

xmpp-http-upload <0.4.0 - Info Disclosure

CVE-2020-1904 MEDIUM

WhatsApp and WhatsApp Business < 2.20.61 - Path Traversal via Crafted Office File Attachments

CVE-2020-24219 HIGH

URayTech IPTV/H.264/H.265 <1.97 - Path Traversal

CVE-2020-15236 HIGH

Wiki.js 2.5.80-2.5.150 - Directory Traversal via Local Asset Cache URL

CVE-2020-15230 HIGH

Vapor < 4.29.4 - Path Traversal via FileMiddleware

CVE-2020-18191 CRITICAL

GetSimpleCMS-3.3.15 - Path Traversal

CVE-2020-18190 CRITICAL

Bludit 3.8.1 - Unauthenticated Path Traversal via Upload Profile Picture Endpoint

CVE-2020-25623 HIGH

Erlang/OTP 22.3.0-22.3.4.5 and 23.0-23.0.3 - Path Traversal via HTTP Request

CVE-2020-5789 MEDIUM

Teltonika TRB2_R_00.02.04.3 - Path Traversal

CVE-2020-5788 MEDIUM

Teltonika TRB2_R_00.02.04.3 - Path Traversal

CVE-2020-5787 MEDIUM

Teltonika TRB2_R_00.02.04.3 - Path Traversal

CVE-2020-21527 HIGH

halo v1.1.3 - Arbitrary File Deletion via Backup Function

CVE-2020-21526 CRITICAL

halo v1.1.3 - Arbitrary File Write via Path Traversal Bypass

CVE-2020-21525 HIGH

Halo 1.1.3 - Arbitrary File Read via Directory Traversal Bypass

CVE-2020-21522 CRITICAL

halo V1.1.3 - Path Traversal and Arbitrary File Write via Zip Slip

CVE-2020-21244 MEDIUM

FrontAccounting 2.4.7 - Path Traversal via admin/inst_lang.php

CVE-2020-25149 HIGH

Observium 20.8.10631 - Path Traversal and Local File Inclusion via Device Health Metric Parameter

CVE-2020-25145 HIGH

Observium 20.8.10631 - Path Traversal and Local File Inclusion via Device URI Parameter

CVE-2020-25144 HIGH

Observium 20.8.10631 - Path Traversal and Local File Inclusion via inc.php Extension

CVE-2020-25136 HIGH

Observium 20.8.10631 - Path Traversal and Local File Inclusion via Device Routing Tab Parameter

Previous Page 222 of 370 Next

Details

Vulnerabilities 9,248

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy