Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-22

CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,144 vulnerabilities with CWE-22

CVE-2024-47742 HIGH

Linux Kernel - Path Traversal via Firmware Loader

CVE-2024-10200 HIGH

Administrative Management System - Path Traversal

CVE-2024-49286 CRITICAL

SSV Events <= 3.2.7 - Local File Inclusion via Path Traversal

CVE-2024-10100 HIGH

binary-husky/gpt_academic <3.83 - Path Traversal

CVE-2024-49287 HIGH

Marco Heine PDF-Rechnungsverwaltung <0.0.1 - Path Traversal

CVE-2024-49285 HIGH

Moridrin SSV MailChimp <3.1.5 - Path Traversal

CVE-2024-49315 HIGH

CodeFlock FREE DOWNLOAD MANAGER <1.0.0 - Path Traversal

CVE-2024-46212 MEDIUM

REDAXO CMS 5.17.1 - Path Traversal via Backup Export Page

CVE-2024-49245 HIGH

Ahime Image Printer <1.0.0 - Path Traversal

CVE-2024-47645 HIGH

Sajid Javed Top Bar - Path Traversal

CVE-2024-47637 HIGH

LiteSpeed Technologies LiteSpeed Cache <6.4.1 - Path Traversal

CVE-2024-47351 HIGH

The CSSIgniter Team MaxSlider <1.2.3 - Path Traversal

CVE-2024-45711 HIGH

SolarWinds Serv-U < 15.5 - Authenticated Path Traversal and Remote Code Execution via Environment Variable Abuse

CVE-2024-9676 MEDIUM

Red Hat OpenShift Container Platform - Denial of Service via Symlink Traversal in containers/storage

CVE-2024-48914 CRITICAL

Vendure asset-server-plugin < 2.3.3 and 3.0.0-3.0.5 - Path Traversal and Denial of Service via Malformed URI

CVE-2024-9983 HIGH

Enterprise Cloud Database - Info Disclosure

CVE-2024-46898 HIGH

SHIRASAGI < 1.19.1 - Path Traversal via HTTP Request URL Processing

CVE-2024-0129 MEDIUM

NVIDIA NeMo < r2.0.0rc0 - Path Traversal and Code Execution via Unsafe TAR Extraction

CVE-2024-45731 HIGH

Splunk Enterprise for Windows < 9.3.1, < 9.2.3, < 9.1.6 - Path Traversal and Arbitrary File Write

CVE-2024-9047 CRITICAL

WordPress File Upload <= 4.24.11 - Unauthenticated Path Traversal via wfu_file_downloader.php

CVE-2024-47877 HIGH

codeclysm/extract < 4.0.0 - Path Traversal via Malicious Archive Symlink

CVE-2024-7514 MEDIUM

WordPress Comments Import & Export <2.3.7 - Info Disclosure

CVE-2024-6971 MEDIUM

lollms-webui - Path Traversal in lollms_file_system.py

CVE-2024-47868 HIGH

Gradio < 5.0.0 - Path Traversal and Arbitrary File Read via FileData Components

CVE-2024-47166 MEDIUM

gradio < 4.44.0 - Path Traversal via Custom Component Endpoint

Previous Page 97 of 366 Next

Details

Vulnerabilities 9,144

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy