Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-23

CWE-23

Relative Path Traversal

Parent: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.

391 vulnerabilities with CWE-23

CVE-2024-37138 MEDIUM

Dell Data Domain Operating System < 7.7.5.40 - Path Traversal

CVE-2024-3497 HIGH

Toshiba Printer - Path Traversal

CVE-2024-2461 MEDIUM

Unknown Product <Unknown Version - Path Traversal

CVE-2024-4330 LOW

Lollms Web UI < 9.8 - Path Traversal

CVE-2024-36362 MEDIUM

JetBrains TeamCity <2022.04.7-2024.03.2 - Path Traversal

CVE-2024-35186 HIGH

Crates.io Gix-worktree-state < 0.11.0 - Path Traversal

CVE-2024-33615 HIGH

CyberPower PowerPanel - Path Traversal

CVE-2024-30010 HIGH

Windows Hyper-V < - RCE

CVE-2024-34712 MEDIUM

NPM Oceanic.js < 1.10.4 - Path Traversal

CVE-2024-0549 HIGH

mintplex-labs/anything-llm - Path Traversal

CVE-2024-32005 HIGH

NiceGUI <1.4.21 - Local File Inclusion

CVE-2024-3025 CRITICAL

Mintplexlabs Anythingllm < 1.0.0 - Path Traversal

CVE-2024-0335 HIGH

ABB VPNI - Unknown Vuln

CVE-2024-20352 MEDIUM

Cisco Emergency Responder - Path Traversal

CVE-2024-20310 MEDIUM

Cisco Unified CM IM&P - XSS

CVE-2024-25944 MEDIUM

Dell Openmanage Enterprise < 4.0.1 - Path Traversal

CVE-2024-2053 HIGH

Articatech Artica Proxy - Path Traversal

CVE-2024-24578 CRITICAL

RaspberryMatic unauthenticated Remote Code Execution vulnerability through HMServer File Upload.

CVE-2024-27770 HIGH

Unitronics Unistream Unilogic <1.35.227 - Path Traversal

CVE-2024-22398 MEDIUM

SonicWall Email Security Appliance - Path Traversal

CVE-2024-2318 MEDIUM

Zkteco Zkbio Media - Path Traversal

CVE-2024-27199 HIGH KEV

TeamCity < 2023.11.4 - Authentication Bypass

CVE-2024-0550 MEDIUM

Privileged User - Info Disclosure

CVE-2024-22226 LOW

Dell Unity <5.4 - Path Traversal

CVE-2024-24942 MEDIUM

JetBrains TeamCity <2023.11.3 - Path Traversal

Previous Page 9 of 16 Next

Details

Vulnerabilities 391

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy