Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-23

CWE-23

Relative Path Traversal

Parent: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.

417 vulnerabilities with CWE-23

CVE-2024-35274 LOW

Fortinet FortiAnalyzer and FortiManager - Path Traversal via CLI Requests

CVE-2024-32116 MEDIUM

Fortinet FortiManager 7.2.0-7.4.2 and FortiAnalyzer 7.2.0-7.4.2 - Authenticated Path Traversal via CLI Requests

CVE-2024-11067 HIGH

D-Link DSL6740C Firmware - Unauthenticated Path Traversal and Information Disclosure

CVE-2024-50453 HIGH

The Pack Elementor addons <= 2.0.9 - PHP Local File Inclusion via Relative Path Traversal

CVE-2024-10200 HIGH

Administrative Management System - Path Traversal

CVE-2024-49253 HIGH

James Park Analyse Uploads <0.5 - Path Traversal

CVE-2024-47637 HIGH

LiteSpeed Technologies LiteSpeed Cache <6.4.1 - Path Traversal

CVE-2024-9983 HIGH

Enterprise Cloud Database - Info Disclosure

CVE-2024-45731 HIGH

Splunk Enterprise for Windows < 9.3.1, < 9.2.3, < 9.1.6 - Path Traversal and Arbitrary File Write

CVE-2024-9923 MEDIUM

Team+ Pro 13.5.0-13.9.9 - Authenticated Arbitrary File Move via Page Parameter

CVE-2024-9922 HIGH

Team+ Pro 13.5.0-13.9.9 - Unauthenticated Path Traversal via Page Parameter

CVE-2024-6985 MEDIUM

lollms/lollms < 5.9.0 - Path Traversal via Personality Folder Parameter

CVE-2024-43614 MEDIUM

Microsoft Defender for Endpoint < 101.24052.0002 - Authenticated Relative Path Traversal

CVE-2024-47949 MEDIUM

JetBrains TeamCity < 2024.07.3 - Path Traversal and Arbitrary File Write via Backup File

CVE-2024-47948 MEDIUM

JetBrains TeamCity < 2024.07.3 - Path Traversal via Server Backups

CVE-2024-47769 HIGH

idurar < 4.1.0 - Unauthenticated Path Traversal via Public Endpoint

CVE-2024-20449 HIGH

Cisco Nexus Dashboard Fabric Controller - RCE

CVE-2024-9405 MEDIUM

Pluck CMS 4.7.18 - Unauthenticated Path Traversal

CVE-2024-45816 MEDIUM

Backstage < 1.10.13 - Path Traversal in TechDocs Storage Provider

CVE-2024-43454 HIGH

Microsoft Windows Server 2008 < 10.0.14393.7336 - Path Traversal

CVE-2024-38258 MEDIUM

Windows Remote Desktop < - Info Disclosure

CVE-2024-43399 HIGH

Mobile Security Framework < 4.0.7 - Path Traversal via Static Libraries Extraction

CVE-2024-7693 HIGH

raidenmaild < 5.0.2 - Unauthenticated Path Traversal

CVE-2024-6433 HIGH

Application <version> - Info Disclosure

CVE-2024-3122 MEDIUM

CHANGING Mobile One Time Password < 3.11.2 - Authenticated Arbitrary File Read via File Download Functionality

Previous Page 9 of 17 Next

Details

Vulnerabilities 417

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy