Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,142 vulnerabilities with CWE-22

CVE-2024-13535 MEDIUM

Actionwear products sync <= 2.3.2 - Unauthenticated Full Path Disclosure via composer-setup.php

CVE-2024-56477 MEDIUM

IBM Power Hardware Management Console V10.3.1050.0 - Path Traversal

CVE-2024-13791 MEDIUM

Bit Assist < 1.5.2 - Authenticated Path Traversal via downloadResponseFile()

CVE-2024-47266 LOW

Synology Active Backup <2.7.1-3234 - Path Traversal

CVE-2024-47264 MEDIUM

Synology Active Backup for Business <2.7.1-3234 - Path Traversal

CVE-2024-10763 CRITICAL

Campress <= 1.35 - Unauthenticated Local File Inclusion via campress_woocommerce_get_ajax_products

CVE-2024-51376 HIGH

yeqifu carRental <1.0 - Path Traversal

CVE-2024-34521 LOW

Mavenir SCE App <PORTAL-LBS-R_1_0_24_0 - Path Traversal

CVE-2024-6097 MEDIUM

Progress Telerik Reporting < 19.0.25.211 - Local Path Traversal via Absolute Path

CVE-2024-11343 HIGH

Telerik Document Processing <2025.1.205 - Path Traversal

CVE-2024-57777 MEDIUM

lanproxy 0.1 and before - Path Traversal

CVE-2024-36508 MEDIUM

Fortinet FortiManager <7.4.2, FortiAnalyzer <7.2.5 - Path Traversal

CVE-2024-11771 MEDIUM

Ivanti Cloud Services Appliance < 5.0.5 - Unauthenticated Path Traversal

CVE-2024-13059 HIGH

mintplex-labs/anything-llm <1.3.1 - Path Traversal

CVE-2024-8685 MEDIUM

Revolution Pi <2022-07-28-revpi-buster - Path Traversal

CVE-2024-57248 MEDIUM

Gleamtech FileVista 9.2.0.0 - Path Traversal and Arbitrary File Upload

CVE-2024-55214 MEDIUM

dhtmlx file_explorer 8.4.6 - Path Traversal via File Download Functionality

CVE-2024-55213 MEDIUM

dhtmlx file_explorer 8.4.6 - Path Traversal via File Listing Function

CVE-2024-52883 HIGH

AudioCodes One Voice Operations Center < 8.4.582 - Unauthenticated Path Traversal

CVE-2024-54909 HIGH

GoldPanKit eva-server <4.1.0 - Path Traversal

CVE-2024-53586 MEDIUM

WebFileSys <2.31.0 - Path Traversal

CVE-2024-48019 MEDIUM

Apache Doris 2.1.0-2.1.7 - Path Traversal and Arbitrary File Read

CVE-2024-57451 HIGH

ChestnutCMS <= 1.5.0 - Directory Traversal in FileController#getFileList

CVE-2024-57669 HIGH

Zrlog backup-sql-file.jar 3.0.31 - Path Traversal via BackupController.java

CVE-2024-51534 HIGH

Dell PowerProtect DD <8.3.0.0, 7.10.1.50, 7.13.1.20 - Path Traversal

Previous Page 86 of 366 Next

Details

Vulnerabilities 9,142

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy