Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,142 vulnerabilities with CWE-22

CVE-2024-40646 HIGH

Vertex Vulnerable to Path Traversal

CVE-2024-47267 LOW

Synology Surveillance Station - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVE-2024-25183 HIGH

givanz VvvebJs <1.7.2 - Path Traversal

CVE-2024-42718 MEDIUM

Croogo CMS 4.0.7 - Path Traversal via Edit-File Parameter

CVE-2024-58312 HIGH

xbtitFM 4.1.18 - Unauthenticated Path Traversal via URL Parameter Manipulation

CVE-2024-58310 HIGH

APC Network Management Card 4 - Path Traversal

CVE-2024-13991 HIGH

Huijietong Cloud Video Platform - Path Traversal

CVE-2024-13986 HIGH

Nagios XI < 2024R1.3.2 - Authenticated Remote Code Execution via MIB Upload and Snapshot Rename

CVE-2024-13984 CRITICAL

QiAnXin TianQing Management Center <=6.7.0.4130 - Path Traversal

CVE-2024-13982 HIGH

SPON IP Network Broadcast System - Path Traversal

CVE-2024-13981 CRITICAL

LiveBOS < pre-August 2024 builds - Unauthenticated Arbitrary File Upload and Path Traversal via UploadFile.do Endpoint

CVE-2024-56179 HIGH

MindManager <24.1.150 - Path Traversal

CVE-2024-44373 CRITICAL

AllSky <2024.12.06_06 - Path Traversal

CVE-2024-52964 MEDIUM

Fortinet Fortimanager < 7.0.14 - Path Traversal

CVE-2024-55401 MEDIUM

4cstrategies exonaut < 21.6.2.1-1 - Path Traversal

CVE-2024-52885 MEDIUM

Checkpoint Mobile Access - Authenticated Directory Traversal in File Share Application

CVE-2024-26292 HIGH

Avid NEXIS <2025.5.1 - File Deletion

CVE-2024-38824 CRITICAL

SaltStack Salt 3006.0-3006.11 and 3007.0rc1-3007.3 - Path Traversal and Arbitrary File Write via recv_file Method

CVE-2024-57189 MEDIUM

erxes < 1.6.2 - Authenticated Path Traversal and Arbitrary File Write via importHistoriesCreate GraphQL Mutation

CVE-2024-57186 MEDIUM

erxes < 1.6.2 - Unauthenticated Path Traversal via /read-file Endpoint

CVE-2024-12718 MEDIUM

CPython 3.12-3.12.10, 3.13-3.13.3, 3.14a1-3.14b2 - Path Traversal via TarFile Extraction Filter

CVE-2024-51453 MEDIUM

IBM Sterling Secure Proxy 6.2.0.0-6.2.0.1 - Path Traversal via URL Request

CVE-2024-13914 HIGH

File Manager Advanced Shortcode <2.5.4-2.5.6 - Code Injection

CVE-2024-48766 HIGH

NetAlertX 24.7.18-24.10.12 - Unauthenticated Path Traversal and Arbitrary File Read via logs.php

CVE-2024-4982 HIGH

Pagure < 5.14.1 - Path Traversal via Malicious Git Repository

Previous Page 83 of 366 Next

Details

Vulnerabilities 9,142

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy