Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-428

CWE-428

Unquoted Search Path or Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

418 vulnerabilities with CWE-428

CVE-2023-3842 HIGH

Pointware EasyInventory <1.0.12.0 - Unquoted Search Path

CVE-2023-38408 CRITICAL

OpenSSH <9.3p2 - RCE

CVE-2023-3438 MEDIUM

Trellix Move < 4.10.0 - Privilege Escalation

CVE-2023-31747 HIGH

Wondershare Filmora <12.2.1.2088 - Privilege Escalation

CVE-2023-2644 MEDIUM

DigitalPersona FPSensor 1.0.0.1 - Unquoted Search Path

CVE-2023-27386 MEDIUM

Intel Pathfinder For Risc-v - Uncontrolled Search Path

CVE-2023-27298 HIGH

Intel(R) WULT <1.0.0 - Privilege Escalation

CVE-2023-2417 MEDIUM

ks-soft Advanced Host Monitor <12.56 - Unquoted Search Path

CVE-2023-2331 HIGH

42Gears Surelock <2.40.0 - Code Injection

CVE-2023-22282 HIGH

WAB-MAT Ver.5.0.0.8 - Code Injection

CVE-2023-24671 HIGH

VX Search <14.7 - Code Injection

CVE-2023-24575 HIGH

Dell Multifunction Printer E525w <1.047.2022 - Privilege Escalation

CVE-2023-0887 HIGH

phjounin TFTPD64-SE 4.64 - Unquoted Search Path

CVE-2022-50938 HIGH

CONTPAQi AdminPAQ 14.0.0 - Code Injection

CVE-2022-50935 CRITICAL

Flame II HSPA USB Modem - Privilege Escalation

CVE-2022-50933 HIGH

Cain & Abel 4.9.56 - Code Injection

CVE-2022-50930 HIGH

Emerson PAC Machine Edition 9.80 - Privilege Escalation

CVE-2022-50929 HIGH

Connectify Hotspot 2018 - Code Injection

CVE-2022-50928 HIGH

BlueSoleilCS 5.4.277 - Code Injection

CVE-2022-50924 HIGH

Private Internet Access <3.3 - Code Injection

CVE-2022-50923 HIGH

Cobian Backup 0.9 - Privilege Escalation

CVE-2022-50921 HIGH

WOW21 5.0.1.9 - Code Injection

CVE-2022-50920 HIGH

Sandboxie-Plus 5.50.2 - Code Injection

CVE-2022-50918 HIGH

VIVE Runtime Service 1.0.0.4 - Code Injection

CVE-2022-50917 HIGH

ProtonVPN 1.26.0 - Code Injection

Previous Page 5 of 17 Next

Details

Vulnerabilities 418

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy