Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-428

CWE-428

Unquoted Search Path or Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

418 vulnerabilities with CWE-428

CVE-2020-37063 HIGH

TFTP Turbo 4.6.1273 - RCE

CVE-2020-37062 HIGH

DHCP Turbo 4.61298 - RCE

CVE-2020-37061 HIGH

BOOTP Turbo 2.0.1214 - Privilege Escalation

CVE-2020-37055 HIGH

SpyHunter 4 - Privilege Escalation

CVE-2020-37048 HIGH

Iskysoft Application Framework Service 2.4.3.241 - Code Injection

CVE-2020-37047 HIGH

Deep Instinct Windows Agent 1.2.29.0 - Privilege Escalation

CVE-2020-37045 HIGH

Veritas NetBackup 7.0 - Code Injection

CVE-2020-37037 HIGH

Avast SecureLine 5.5.522.0 - Code Injection

CVE-2020-37060 HIGH

Atomic Alarm Clock 6.3 - Privilege Escalation

CVE-2020-37059 HIGH

Popcorn Time 6.2.1.14 - Privilege Escalation

CVE-2020-37058 HIGH

Andrea ST Filters Service <1.0.64.7 - Code Injection

CVE-2020-37030 HIGH

Outline Service 1.3.3 - Privilege Escalation

CVE-2020-37021 HIGH

10-Strike Bandwidth Monitor 3.9 - Privilege Escalation

CVE-2020-37020 HIGH

SonarQube 8.3.1 - Privilege Escalation

CVE-2020-37017 HIGH

CodeMeter 6.60 - Privilege Escalation

CVE-2020-37016 HIGH

BarcodeOCR 19.3.6 - Code Injection

CVE-2020-36992 HIGH

Nord VPN 6.31.13.0 - Code Injection

CVE-2020-36991 HIGH

ShareMouse 5.0.43 - Privilege Escalation

CVE-2020-36990 HIGH

Input Director 1.4.3 - Privilege Escalation

CVE-2020-36989 HIGH

ForensiT AppX Management Service 2.2.0.4 - Privilege Escalation

CVE-2020-36987 HIGH

Program Access Controller 1.2.0.0 - Privilege Escalation

CVE-2020-36986 HIGH

Prey <1.9.6 - Privilege Escalation

CVE-2020-36985 HIGH

IP Watcher 3.0.0.30 - Code Injection

CVE-2020-36984 HIGH

EPSON 1.124 - Privilege Escalation

CVE-2020-36983 HIGH

Quick 'n Easy FTP Service 3.2 - RCE

Previous Page 11 of 17 Next

Details

Vulnerabilities 418

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy