Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,256 vulnerabilities with CWE-22

CVE-2020-15712 MEDIUM

rConfig 3.9.5 - Authenticated Path Traversal via ajaxGetFileByPath.php Path Parameter

CVE-2020-15592 HIGH

SteelCentral Aternity Agent < 11.0.0.120 - Privilege Escalation via Plugin Directory Traversal

CVE-2020-7687 HIGH

fast-http - Path Traversal via fs.readFile in index.js

CVE-2020-7686 HIGH

rollup-plugin-dev-server - Path Traversal via readFileFromContentBase Function

CVE-2020-7683 HIGH

rollup-plugin-server - Path Traversal via readFileFromContentBase Function

CVE-2020-7682 HIGH

marked-tree - Path Traversal via fs.readFile in index.js

CVE-2020-7681 HIGH

marscode - Path Traversal via fs.readFile in index.js

CVE-2020-15923 HIGH

Mida eFramework < 2.9.0 - Unauthenticated Path Traversal

CVE-2020-15492 CRITICAL

INNEO Startup TOOLS 12.0.66.3784-13.0.70.3804 - Unauthenticated Path Traversal via sut_srv.exe Web Application

CVE-2020-15908 HIGH

Cauldrondevelopment C! < 1.6.0 - Path Traversal

CVE-2020-9663 MEDIUM

Adobe Reader Mobile < 20.0.1 - Path Traversal

CVE-2020-3452 HIGH KEV

Cisco ASA 9.6-9.6.4.42 & FTD 6.2.3-6.2.3.16 Unauthenticated Path Traversal

CVE-2020-15124 CRITICAL

Goobi Viewer Core <4.8.3 - Path Traversal

CVE-2020-12499 HIGH

PHOENIX CONTACT PLCnext Engineer <2020.3.1 - Path Traversal

CVE-2020-8214 HIGH

servey < 3 - Path Traversal

CVE-2020-9252 LOW

HUAWEI Mate 20, Mate 20 X, Mate 20 RS, and Honor Magic2 Firmware - Path Traversal and Arbitrary File Write

CVE-2020-7684 HIGH

rollup-plugin-serve - Path Traversal via Unsanitized File Read Operation

CVE-2020-3401 MEDIUM

Cisco SD-WAN vManage Software - Path Traversal

CVE-2020-3381 HIGH

Cisco SD-WAN vManage Software - Path Traversal

CVE-2020-15779 HIGH

socket.io-file < 2.0.31 - Path Traversal via Name Option in createFile Message

CVE-2020-11439 HIGH

LibreHealth EMR 2.0.0 - Local File Inclusion and Remote Code Execution

CVE-2020-14507 CRITICAL

Advantech iView < 5.6 - Path Traversal and Arbitrary File Write

CVE-2020-6286 MEDIUM

SAP NetWeaver AS JAVA <7.50 - Path Traversal

CVE-2020-15050 HIGH

Suprema BioStar 2 <2.8.2 - Path Traversal

CVE-2020-8195 MEDIUM KEV

Citrix ADC/Gateway <13.0-58.30 - Info Disclosure

Previous Page 226 of 371 Next

Details

Vulnerabilities 9,256

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy