Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,256 vulnerabilities with CWE-22

CVE-2020-5366 HIGH

Dell EMC iDRAC9 < 4.20.20.20 - Authenticated Path Traversal

CVE-2020-5764 HIGH

MX Player Android App <1.24.5 - Path Traversal

CVE-2020-15583 MEDIUM

Android O(8.x), P(9.0), Q(10.0) - Path Traversal in StickerProvider

CVE-2020-8161 HIGH

rack < 2.2.0 - Directory Traversal in Rack::Directory

CVE-2020-5902 CRITICAL KEV

BIG-IP 11.6.1-11.6.5.1 - Remote Code Execution via TMUI Undisclosed Pages

CVE-2020-13383 HIGH

openSIS <= 7.4 - Path Traversal

CVE-2020-5588 MEDIUM

Cybozu Garoon <5.0.1 - Path Traversal

CVE-2020-5581 MEDIUM

Cybozu Garoon <5.0.1 - Info Disclosure

CVE-2020-15026 MEDIUM

Bludit 3.12.0 - Authenticated Path Traversal and Arbitrary File Download via Plugin Backup Endpoint

CVE-2020-7667 HIGH

go_rpm_utils < 0.1.0 - Path Traversal via CPIO Extraction

CVE-2020-7668 HIGH

compression_and_archive_extensions_tz_project < 1.0.1 - Path Traversal via Zip Archive Extraction

CVE-2020-7664 HIGH

github.com/unknwon/cae/zip - Path Traversal via ExtractTo Function

CVE-2020-14946 MEDIUM

Global RADAR BSA Radar <1.6.7234.24750 - Info Disclosure

CVE-2020-13158 HIGH

Artica Proxy <4.30.000000 - Path Traversal

CVE-2020-14461 HIGH

Zyxel Armor X1 WAP6806 1.00(ABAL.6)C0 - Path Traversal via images/eaZy/ URI

CVE-2020-14452 MEDIUM

Mattermost Server < 5.21.0 - Path Traversal via mmctl

CVE-2020-5590 HIGH

EC-CUBE 3.0.0-3.0.18 and 4.0.0-4.0.3 - Authenticated Path Traversal and Arbitrary File Deletion

CVE-2020-3241 MEDIUM

Cisco UCS Director - Path Traversal

CVE-2020-3236 MEDIUM

Cisco Enterprise NFV Infrastructure Software < 4.1.1 - Path Traversal & Arbitrary File Access

CVE-2020-12827 HIGH

mjml < 4.6.3 - Path Traversal via mj-include Directive

CVE-2020-4053 LOW

Helm 3.0.0-3.2.3 - Path Traversal via Malicious Plugin Archive

CVE-2020-7497 CRITICAL

EcoStruxure Operator Terminal Expert <= 3.1 Service Pack 1 - Path Traversal

CVE-2020-7495 MEDIUM

EcoStruxure Operator Terminal Expert <= 3.1 Service Pack 1 - Path Traversal via Project File Extraction

CVE-2020-7494 HIGH

EcoStruxure Operator Terminal Expert <= 3.1 Service Pack 1 - Path Traversal and Remote Code Execution via Project File

CVE-2020-12003 HIGH

FactoryTalk Linx 6.00-6.11 and RSLinx Classic < 4.11.00 - Path Traversal via Unsanitized API File Processing

Previous Page 227 of 371 Next

Details

Vulnerabilities 9,256

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy