Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,142 vulnerabilities with CWE-22

CVE-2024-56514 MEDIUM

Karmada < 1.12.0 - Path Traversal and Arbitrary File Write via Malicious CRD Archive

CVE-2024-56248 MEDIUM

Webdeclic WPMasterToolKit <1.13.1 - Path Traversal

CVE-2024-56198 CRITICAL

path-sanitizer < 3.1.0 - Path Traversal via .=%5c Bypass

CVE-2024-12105 MEDIUM

WhatsUp Gold 23.1.0-24.0.1 - Authenticated Path Traversal

CVE-2024-56213 MEDIUM

Eventin <= 4.0.7 - Path Traversal via .../...// Sequence

CVE-2024-11944 HIGH

iXsystems TrueNAS CORE - Path Traversal

CVE-2024-54453 HIGH

Kurmi Provisioning Suite <7.9.0.35-7.11.0.15 - Path Traversal

CVE-2024-54452 MEDIUM

Kurmi Provisioning Suite <7.9.0.35-7.10.0.18 - Path Traversal

CVE-2024-56509 HIGH

changedetection.io - Path Traversal

CVE-2024-12850 MEDIUM

Database Backup and check Tables Automated With Scheduler 2024 <2.3...

CVE-2024-41887 MEDIUM

Hanwha Vision XRN-420S < 5.01.62 - Remote Code Execution via NVR Log File Path Traversal

CVE-2024-53961 HIGH

ColdFusion <2021.17 - Path Traversal

CVE-2024-55947 HIGH

Gogs < 0.13.1 - Path Traversal and Arbitrary File Write

CVE-2024-54148 CRITICAL

Gogs < 0.13.1 - Authenticated Path Traversal via Symlink File Commit

CVE-2024-12875 MEDIUM

Easy Digital Downloads <= 3.3.2 - Authenticated Path Traversal via File Download

CVE-2024-56331 MEDIUM

Uptime Kuma 1.23.0-1.23.15 and 2.0.0-beta.0 - Authenticated Path Traversal via Real-Browser URL Input

CVE-2024-44195 HIGH

macOS < 15.1 - Arbitrary File Read via Path Traversal

CVE-2024-12830 HIGH

Arista NG Firewall - Unauthenticated Path Traversal and Remote Code Execution via custom_handler

CVE-2024-38819 HIGH

Spring WebMvc.fn and WebFlux.fn 6.1.0-6.1.13 - Path Traversal via Static Resource Handling

CVE-2024-12793 MEDIUM

pbootcms < 5.2.4 - Path Traversal via Tag Argument

CVE-2024-21547 HIGH

spatie/browsershot < 5.0.2 - Path Traversal via URI Normalization Bypass

CVE-2024-56142 MEDIUM

pghoard < 2.6.1-rc and Aiven-Open pghoard <= 2.2.2a - Path Traversal

CVE-2024-55516 CRITICAL

Raisecom MSG1200, MSG2100E, MSG2200, MSG2300 v3.90 - Path Traversal & Arbitrary File Write

CVE-2024-55515 CRITICAL

Raisecom MSG1200 MSG2100E MSG2200 MSG2300 3.90 - Arbitrary File Upload via /upload_ipslib.php Form Name

CVE-2024-55513 CRITICAL

Raisecom MSG1200, MSG2100E, MSG2200, MSG2300 3.90 - Path Traversal & Arbitrary File Write

Previous Page 89 of 366 Next

Details

Vulnerabilities 9,142

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy