Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-36

CWE-36

Absolute Path Traversal

Parent: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize absolute path sequences such as "/abs/path" that can resolve to a location that is outside of that directory.

117 vulnerabilities with CWE-36

CVE-2024-6854 HIGH

h2o-3 <3.46.0 - Path Traversal

CVE-2024-12375 MEDIUM

Automatic1111 Stable-diffusion-webui - Absolute Path Traversal

CVE-2024-10833 CRITICAL

Dbgpt Db-gpt < 0.6.2 - Absolute Path Traversal

CVE-2024-10831 CRITICAL

Dbgpt Db-gpt - Absolute Path Traversal

CVE-2024-10047 MEDIUM

parisneo/lollms-webui <latest - Path Traversal

CVE-2024-48248 HIGH KEV

Nakivo Backup & Replication Director - Absolute Path Traversal

CVE-2024-6097 MEDIUM

Progress Telerik Reporting < 19.0.25.211 - Path Traversal

CVE-2024-57966 MEDIUM

KDE ark <24.12.0 - Path Traversal

CVE-2024-13161 CRITICAL KEV

Ivanti EPM - Path Traversal

CVE-2024-13160 CRITICAL KEV

Ivanti EPM - Path Traversal

CVE-2024-13159 CRITICAL KEV

Ivanti EPM - Path Traversal

CVE-2024-10811 CRITICAL

Ivanti Endpoint Manager < 2022 - Path Traversal

CVE-2024-56321 LOW

Thoughtworks Gocd < 24.5.0 - Absolute Path Traversal

CVE-2024-12646 HIGH

Chunghwa Telecom topm-client - Path Traversal

CVE-2024-12644 HIGH

Chunghwa Telecom tbm-client - CSRF & Path Traversal

CVE-2024-12643 HIGH

Chunghwa Telecom tbm-client - Path Traversal

CVE-2024-51549 CRITICAL

ABB ASPECT <3.08.02, NEXUS Series <3.08.02, MATRIX Series <3.08.02 ...

CVE-2024-11978 HIGH

DreamMaker - Path Traversal

CVE-2024-10651 MEDIUM

IDExpert - Info Disclosure

CVE-2024-47883 CRITICAL

Openrefine Butterfly < 1.2.6 - SSRF

CVE-2024-20379 MEDIUM

Cisco Secure Firewall Management Center - Info Disclosure

CVE-2024-9924 CRITICAL

OAKlouds - Info Disclosure

CVE-2024-45291 MEDIUM

PHPSpreadsheet - SSRF

CVE-2024-45290 HIGH

PHPSpreadsheet - XSS

CVE-2024-8497 HIGH

Franklin Fueling Systems TS-550 EVO <2.26.4.8967 - Info Disclosure

Previous Page 3 of 5 Next

Details

Vulnerabilities 117

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy