Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,142 vulnerabilities with CWE-22

CVE-2024-12088 MEDIUM

rsync < 3.3.0 - Path Traversal and Arbitrary File Write via Symbolic Link Verification Bypass

CVE-2024-12087 MEDIUM

rsync < 3.3.0 - Path Traversal via --inc-recursive Symlink Handling

CVE-2024-13181 HIGH

Ivanti Avalanche <6.4.7 - Path Traversal

CVE-2024-13180 HIGH

Ivanti Avalanche <6.4.7 - Path Traversal

CVE-2024-13179 HIGH

Ivanti Avalanche <6.4.7 - Path Traversal

CVE-2024-10811 CRITICAL

Ivanti Endpoint Manager < 2022 SU6 - Unauthenticated Path Traversal

CVE-2024-39787 CRITICAL

Wavlink AC3000 M33A8.V5030.210505 - Authenticated Path Traversal via disk_part POST Parameter

CVE-2024-39786 CRITICAL

Wavlink AC3000 M33A8.V5030.210505 - Authenticated Path Traversal via adddir_name Parameter

CVE-2024-48884 HIGH

Fortinet FortiManager 7.4.1-7.4.3, FortiOS 6.4.0-6.4.15 - Path Traversal & Arbitrary File Write

CVE-2024-47566 MEDIUM

Fortinet FortiRecorder <7.2.1 - Path Traversal

CVE-2024-46664 MEDIUM

Fortinet FortiRecorder 7.0.0-7.2.1 - Authenticated Path Traversal via HTTP Request

CVE-2024-36512 HIGH

Fortinet FortiManager/FortiAnalyzer <7.4.3/<7.2.5/<7.0.12/<6.2.13 -...

CVE-2024-33502 MEDIUM

FortiAnalyzer/FortiManager Path Traversal via Crafted HTTP/HTTPS Requests

CVE-2024-32115 MEDIUM

Fortinet FortiManager <7.4.3 - Path Traversal

CVE-2024-12083 MEDIUM

OMRON Machine Automation Controller NJ-series < 1.64.05 - Path Traversal and Remote Code Execution

CVE-2024-11642 CRITICAL

Post Grid Master - Local File Inclusion

CVE-2024-37372 LOW

Node.js Path Traversal via Permission Model Bypass

CVE-2024-9939 HIGH

WordPress File Upload <4.24.13 - Path Traversal

CVE-2024-10585 MEDIUM

InfiniteWP Client <= 1.13.0 - Unauthenticated Path Traversal via historyID Parameter

CVE-2024-12429 MEDIUM

ABB AC500 V3 < 3.8.0 - Authenticated Path Traversal

CVE-2024-12425 LOW

LibreOffice 24.8.0.1-24.8.3 - Path Traversal and Arbitrary File Write via Embedded Font Files

CVE-2024-56286 HIGH

Classic Addons - WPBakery Page Builder <3.0 - Path Traversal

CVE-2024-12152 HIGH

MIPL WC Multisite Sync <1.1.5 - Path Traversal

CVE-2024-12849 HIGH

Error Log Viewer By WP Guru <1.0.1.3 - Info Disclosure

CVE-2024-41765 MEDIUM

IBM Engineering Lifecycle Optimization - Publishing 7.0.2-7.0.3 - Path Traversal via URL Request

Previous Page 88 of 366 Next

Details

Vulnerabilities 9,142

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy