Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,256 vulnerabilities with CWE-22

CVE-2020-5834 MEDIUM

Symantec Endpoint Protection Manager <14.3 - Path Traversal

CVE-2020-12765 MEDIUM

Solis Miolo 2.0 - Path Traversal via index.php module Parameter

CVE-2020-12764 MEDIUM

Gnuteca 3.8 - Path Traversal via file.php folder Parameter

CVE-2020-11531 HIGH

ManageEngine DataSecurity Plus < 6.0.1 - Path Traversal & RCE via DR-SCHEMA-SYNC

CVE-2020-12737 MEDIUM

Maxum Rumpus <8.2.12 - Path Traversal

CVE-2020-12026 HIGH

Advantech WebAccess < 8.4.4 and 9.0.0 - Path Traversal and Arbitrary File Write

CVE-2020-12010 HIGH

Advantech WebAccess < 8.4.4 and 9.0.0 - Authenticated Path Traversal via Specially Crafted File

CVE-2020-12006 CRITICAL

Advantech WebAccess < 8.4.4 - Authenticated Path Traversal and Arbitrary File Write

CVE-2020-10794 CRITICAL

Gira TKS-IP-Gateway <4.0.7.7 - Path Traversal

CVE-2020-4430 MEDIUM KEV

IBM Data Risk Manager 2.0.1-2.0.4 - Authenticated Path Traversal via URL Request

CVE-2020-12116 HIGH

Zoho ManageEngine OpManger - Arbitrary File Read

CVE-2020-5744 MEDIUM

TCExam 14.2.2 - Authenticated Path Traversal

CVE-2020-12448 MEDIUM

GitLab 12.8.0-12.8.9 - Unauthenticated Sensitive Information Exposure via NuGet

CVE-2020-11431 CRITICAL

i-net Clear Reports 16.0-19.2, HelpDesk 8.0-8.3, PDFC 4.3-6.2 - Unauthenticated Path Traversal

CVE-2020-8983 HIGH

Citrix ShareFile StorageZones Controller - Arbitrary File Write and Remote Code Execution

CVE-2020-8982 HIGH

Citrix ShareFile StorageZones Controller - Unauthenticated Arbitrary File Read

CVE-2020-7473 HIGH

Citrix ShareFile StorageZones Controller - Unauthenticated Path Traversal

CVE-2020-3187 CRITICAL

Cisco ASA & FTD - Unauthenticated Path Traversal & Arbitrary File Deletion via HTTP

CVE-2020-10859 MEDIUM

Zoho ManageEngine Desktop Central <10.0.484 - Path Traversal

CVE-2020-10634 CRITICAL

SAE IT-systems FW-50 - Info Disclosure

CVE-2020-12649 HIGH

Gurbalib <2020-04-30 - Path Traversal

CVE-2020-12640 CRITICAL

Roundcube Webmail <1.4.4 - Path Traversal

CVE-2020-4209 MEDIUM

IBM Spectrum Protect Plus 10.1.0-10.1.5 - Path Traversal via URL Request

CVE-2020-12475 MEDIUM

TP-Link Omada Controller Software 3.2.6 - Path Traversal

CVE-2020-1631 HIGH KEV

Juniper Junos - Unauthenticated Path Traversal and Command Injection via HTTP/HTTPS Service

Previous Page 229 of 371 Next

Details

Vulnerabilities 9,256

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy