Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-428

CWE-428

Unquoted Search Path or Element

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

427 vulnerabilities with CWE-428

CVE-2022-36344 CRITICAL

JustSystems JUST Online Update for J-License - Path Traversal

CVE-2022-35899 HIGH

ASUSTeK Aura Ready Game SDK <1.0.0.4 - Privilege Escalation

CVE-2022-31591 HIGH

SAP BusinessObjects BW Publisher Service <430 - Privilege Escalation

CVE-2022-2147 MEDIUM

Cloudflare Warp <2022.3.186.0 - Privilege Escalation

CVE-2022-31590 HIGH

SAP PowerDesigner Proxy 16.7 - Privilege Escalation

CVE-2022-29320 HIGH

MiniTool Partition Wizard v12.0 - Privilege Escalation

CVE-2022-27095 HIGH

BattlEye v0.9 - Privilege Escalation

CVE-2022-27094 MEDIUM

Sony PlayMemories Home v6.0 - Privilege Escalation

CVE-2022-26634 HIGH

HMA VPN <5.3.5913.0 - Privilege Escalation

CVE-2022-0883 HIGH

Snow License Manager 9.0.0-9.20.0 - Unquoted Service Path

CVE-2022-27905 HIGH

ControlUp Real-Time Agent < 8.6 - Privilege Escalation via Unquoted Path

CVE-2022-27089 HIGH

Fujitsu PlugFree Network <= 7.3.0.3 - Privilege Escalation

CVE-2022-27088 HIGH

Ivanti DSM Remote <6.3.1.1862 - Privilege Escalation

CVE-2022-23909 HIGH

Sherpa Connector Service <2020.2.20328.2050 - Privilege Escalation

CVE-2022-27966 MEDIUM

Xshell < 7.0.0099 - Unquoted Search Path or Element

CVE-2022-27965 MEDIUM

Xlpd < 7.0.0094 - Unquoted Search Path or Element

CVE-2022-27964 MEDIUM

Xmanager < 7.0.0096 - Unquoted Search Path or Element

CVE-2022-27963 MEDIUM

Xftp < 7.0.0088p - Unquoted Search Path or Element

CVE-2022-27052 HIGH

FreeFtpd <1.0.13 - Privilege Escalation

CVE-2022-27050 HIGH

BitComet Service <1.8.6 - Privilege Escalation

CVE-2022-0237 MEDIUM

Rapid7 Insight Agent <3.1.2.38 - Privilege Escalation

CVE-2022-25031 HIGH

Remote Desktop Commander Suite Agent <4.8 - Privilege Escalation

CVE-2021-47974 HIGH

VX Search 13.5.28 Unquoted Service Path Privilege Escalation

CVE-2021-47945 HIGH

Argus Surveillance DVR 4.0 Unquoted Service Path Privilege Escalation

CVE-2021-47898 HIGH

Epson USB Display <1.6.0.0 - Privilege Escalation

Previous Page 7 of 18 Next

Details

Vulnerabilities 427

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy