Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-428

CWE-428

Unquoted Search Path or Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

427 vulnerabilities with CWE-428

CVE-2019-25281 HIGH

NCP Secure Entry Client 9.2 - Code Injection

CVE-2019-25276 HIGH

Studio 5000 Logix Designer 30.01.00 - Privilege Escalation

CVE-2019-25275 HIGH

BartVPN 1.2.2 - Unquoted Service Path Privilege Escalation via BartVPNService

CVE-2019-25274 HIGH

ProShow Producer 9.0.3797 - Code Injection

CVE-2019-25273 HIGH

Easy-Hide-IP 5.0.0.3 - Code Injection

CVE-2019-25272 HIGH

TexasSoft CyberPlanet 6.4.131 - Code Injection

CVE-2019-25271 HIGH

NETGATE Data Backup 3.0.620 - Code Injection

CVE-2019-25269 HIGH

Amiti Antivirus <25.0.640 - Code Injection

CVE-2019-25267 HIGH

Wing FTP Server 6.0.7 - Privilege Escalation

CVE-2019-25261 HIGH

AnyDesk 5.4.0 - Unquoted Service Path Privilege Escalation

CVE-2019-25231 HIGH

devolo dLAN Cockpit 4.3.1 - Code Injection

CVE-2019-19705 HIGH

Realtek Audio Drivers - DLL Preloading

CVE-2019-17658 CRITICAL

FortiClient Windows <6.2.2 - Privilege Escalation

CVE-2019-18915 HIGH

HP System Event Utility <1.4.33 - RCE

CVE-2019-20357 HIGH

Trend Micro Security <2019-2020 - RCE

CVE-2019-20362 HIGH

Teradici PCoIP Agent <19.08.1 - Path Traversal

CVE-2019-6008 HIGH

Multiple Yokogawa products - Privilege Escalation

CVE-2019-7487 HIGH

SonicOS SSLVPN NACagent <3.5 - Code Injection

CVE-2019-18245 HIGH

Reliable Controls LicenseManager <3.4 - Code Injection

CVE-2019-7201 HIGH

QNAP NetBak Replicator <4.5.12.1108 - Privilege Escalation

CVE-2019-16647 HIGH

Maxthon <5.2.7 - Privilege Escalation

CVE-2019-6145 MEDIUM

Forcepoint VPN Client < 6.6.1 - Local Privilege Escalation via Unquoted Search Path

CVE-2019-14685 HIGH

Trend Micro Security <15.0 - Privilege Escalation

CVE-2019-7590 MEDIUM

ExacqVision Server <9.8 - Privilege Escalation

CVE-2019-8459 CRITICAL

Check Point Endpoint Security Client <E80.83 - Path Traversal

Previous Page 15 of 18 Next

Details

Vulnerabilities 427

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy