Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-428

CWE-428

Unquoted Search Path or Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

427 vulnerabilities with CWE-428

CVE-2020-37229 HIGH

OKI sPSV Port Manager 1.0.41 Unquoted Service Path Privilege Escalation

CVE-2020-37223 HIGH

IObit Uninstaller 9.5.0.15 Unquoted Service Path Privilege Escalation

CVE-2020-37102 HIGH

Adaware Web Companion 4.9.2159 - Code Injection

CVE-2020-37101 HIGH

VPN Unlimited 6.1 - Unquoted Service Path Privilege Escalation via Service Binary Path Injection

CVE-2020-37100 HIGH

Sync Breeze Enterprise 12.4.18 - Code Injection

CVE-2020-37099 HIGH

Disk Savvy Enterprise 12.3.18 - Code Injection

CVE-2020-37098 HIGH

Disk Sorter Enterprise <12.4.16 - Code Injection

CVE-2020-37064 HIGH

EPSON EasyMP Network Projection 2.81 - Code Injection

CVE-2020-37063 HIGH

TFTP Turbo 4.6.1273 - Unquoted Service Path Privilege Escalation

CVE-2020-37062 HIGH

DHCP Turbo 4.61298 - Unquoted Service Path Privilege Escalation

CVE-2020-37061 HIGH

BOOTP Turbo 2.0.1214 - Privilege Escalation

CVE-2020-37055 HIGH

SpyHunter 4 - Unquoted Service Path Privilege Escalation

CVE-2020-37048 HIGH

Iskysoft Application Framework Service 2.4.3.241 - Code Injection

CVE-2020-37047 HIGH

Deep Instinct Windows Agent 1.2.29.0 - Privilege Escalation

CVE-2020-37045 HIGH

Veritas NetBackup 7.0 - Code Injection

CVE-2020-37037 HIGH

Avast SecureLine 5.5.522.0 - Code Injection

CVE-2020-37060 HIGH

Atomic Alarm Clock 6.3 - Privilege Escalation

CVE-2020-37059 HIGH

Popcorn Time 6.2.1.14 - Privilege Escalation

CVE-2020-37058 HIGH

Andrea ST Filters Service <1.0.64.7 - Code Injection

CVE-2020-37030 HIGH

Outline Service 1.3.3 - Privilege Escalation

CVE-2020-37021 HIGH

10-Strike Bandwidth Monitor 3.9 - Privilege Escalation

CVE-2020-37020 HIGH

SonarQube 8.3.1 - Privilege Escalation

CVE-2020-37017 HIGH

CodeMeter 6.60 - Privilege Escalation

CVE-2020-37016 HIGH

BarcodeOCR 19.3.6 - Unquoted Service Path Privilege Escalation

CVE-2020-36992 HIGH

Nord VPN 6.31.13.0 - Code Injection

Previous Page 11 of 18 Next

Details

Vulnerabilities 427

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy