Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-23

CWE-23

Relative Path Traversal

Parent: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.

417 vulnerabilities with CWE-23

CVE-2024-24942 MEDIUM

JetBrains TeamCity <2023.11.3 - Path Traversal

CVE-2024-24940 LOW

JetBrains IntelliJ IDEA <2023.3.3 - Path Traversal

CVE-2024-24938 MEDIUM

JetBrains TeamCity <2023.11.2 - Path Traversal

CVE-2024-22096 MEDIUM

Rapid SCADA <5.8.4 - Path Traversal

CVE-2024-22421 HIGH

JupyterLab <4.1.0b2-3.6.7 - Info Disclosure

CVE-2024-22415 HIGH

jupyter-lsp < 2.2.2 - Unauthenticated Improper Access Control

CVE-2023-35816 LOW

DevExpress <23.1.3 - Code Injection

CVE-2023-40714 CRITICAL

Fortinet FortiSIEM <6.7.2-6.6.3 - Path Traversal

CVE-2023-34990 CRITICAL

Fortinet FortiWLM 8.5.0-8.5.4 and 8.6.0-8.6.5 - Relative Path Traversal and Code Execution via Web Requests

CVE-2023-3941 CRITICAL

ZkTeco-based OEM devices <1.8.25-7354-Ver1.0.0 - Path Traversal

CVE-2023-3940 HIGH

ZkTeco-based OEM devices <1.8.25-7354-Ver1.0.0 - Path Traversal

CVE-2023-6825 CRITICAL

File Manager (Free <=7.2.1, Pro <=8.3.4) - Directory Traversal & Arbitrary File Upload

CVE-2023-42791 HIGH

Fortinet FortiManager Path Traversal via Crafted HTTP Requests

CVE-2023-49801 MEDIUM

lif_auth_server < 1.4.0 - Path Traversal via get_pfp and get_banner Routes

CVE-2023-31036 HIGH

NVIDIA Triton Inference Server - Path Traversal

CVE-2023-50255 CRITICAL

deepin-compressor < 5.12.21 - Path Traversal and Remote Code Execution via Crafted Archive

CVE-2023-6722 HIGH

Repox - Path Traversal and Arbitrary File Read

CVE-2023-6307 MEDIUM

jeecgboot JimuReport <1.6.1 - Path Traversal

CVE-2023-5189 MEDIUM

Ansible Automation Platform - Path Traversal via Malicious Tarball Extraction

CVE-2023-42783 HIGH

Fortinet FortiWLM 8.2.2-8.6.5 - Relative Path Traversal via Crafted HTTP Requests

CVE-2023-47613 MEDIUM

Telit Cinterion BGS5 EHS5/6/8 PDS5/6/8 ELS61/81 PLS62 - Path Traversal

CVE-2023-46119 HIGH

Parse Server <5.5.6,6.3.1 - Info Disclosure

CVE-2023-37913 CRITICAL

XWiki 3.5-14.10.8 - Path Traversal and Arbitrary File Write via Office Converter

CVE-2023-3701 CRITICAL

Aqua Drive 2.4 - Authenticated Path Traversal

CVE-2023-3512 HIGH

Setelsa Security's ConacWin CB <3.8.2.2 - Path Traversal

Previous Page 11 of 17 Next

Details

Vulnerabilities 417

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy