Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-428

CWE-428

Unquoted Search Path or Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

427 vulnerabilities with CWE-428

CVE-2023-54338 HIGH

Tftpd32 SE 4.60 - Unquoted Service Path Privilege Escalation

CVE-2023-54336 HIGH

Mediconta 3.7.27 - Privilege Escalation

CVE-2023-54331 HIGH

Outline 1.6.0 - Privilege Escalation

CVE-2023-53984 HIGH

Clevo HotKey Clipboard 2.1.0.6 - Code Injection

CVE-2023-53965 HIGH

SOUND4 Server Service 4.1.102 - Privilege Escalation

CVE-2023-53954 MEDIUM

ActFax 10.10 - Privilege Escalation

CVE-2023-53947 HIGH

OCS Inventory NG <2.3.0.0 - Privilege Escalation

CVE-2023-53946 HIGH

Arcsoft PhotoStudio 6.0.0.172 - Privilege Escalation

CVE-2023-53912 MEDIUM

USB Flash Drives Control 4.1.0.0 - Code Injection

CVE-2023-39464 HIGH

Triangle MicroWorks SCADA Data Gateway - Remote Code Execution via Unquoted GTWWebMonitorService Path

CVE-2023-24542 MEDIUM

Intel(R) Thunderbolt(TM) DCH <88 - Privilege Escalation

CVE-2023-7043 LOW

ESET Endpoint Antivirus 10.1.2046.0-11.0.2032.0 - Unquoted Service Path

CVE-2023-6631 HIGH

PowerSYSTEM Center <2020 Update 16 - Privilege Escalation

CVE-2023-32658 MEDIUM

Intel(R) NUC Kits <1.79.1.1 - Privilege Escalation

CVE-2023-29165 MEDIUM

Intel(R) Arc(TM) Control <1.73.5335.2 - Privilege Escalation

CVE-2023-25075 MEDIUM

Intel Server Configuration Utility <16.0.9 - Privilege Escalation

CVE-2023-0392 MEDIUM

Okta LDAP Agent < 5.18 - Remote Code Execution via Unquoted Service Path

CVE-2023-37537 HIGH

HCL AppScan Presence - Privilege Escalation

CVE-2023-42486 MEDIUM

Fortect < 5.0.0.7 - Privilege Escalation via Unquoted Search Path

CVE-2023-5012 MEDIUM

Topaz OFD <2.11.0.201 - Unquoted Search Path

CVE-2023-4991 HIGH

NextBX QWAlerter 4.50 - Unquoted Search Path

CVE-2023-36658 HIGH

OPSWAT MetaDefender KIOSK <4.6.1.9996 - Local Privilege Escalation

CVE-2023-22841 MEDIUM

Intel Server Firmware Update Utility < 16.0.7 - Authenticated Privilege Escalation via Unquoted Search Path

CVE-2023-2685 HIGH

ABB AO-OPC 1.0.0-3.2.0 - Privilege Escalation via Unquoted Service Path

CVE-2023-26911 HIGH

ASUS SetupAsusServices <1.0.5.1 - Privilege Escalation

Previous Page 4 of 18 Next

Details

Vulnerabilities 427

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy