Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-73

CWE-73

High likelihood

External Control of File Name or Path

Parent: CWE-642 - External Control of Critical State Data

The product allows user input to control or influence paths or file names that are used in filesystem operations.

449 vulnerabilities with CWE-73

CVE-2024-12875 MEDIUM

Easy Digital Downloads <= 3.3.2 - Authenticated Path Traversal via File Download

CVE-2024-12066 HIGH

SMSA Shipping(official) plugin - Path Traversal

CVE-2024-4230 HIGH

Edgecross Basic Software <1.00 - Path Traversal

CVE-2024-11838 CRITICAL

PlexTrac <2.8.1 - Local Code Inclusion

CVE-2024-12357 MEDIUM

SourceCodester Best House Rental Management System 1.0 - File Inclu...

CVE-2024-46909 CRITICAL

WhatsUp Gold < 24.0.1 - Unauthenticated Remote Code Execution

CVE-2024-10492 LOW

Keycloak < 26.0.6 - Authenticated Sensitive Information Disclosure via Vault File Access

CVE-2024-43451 MEDIUM KEV

NTLM Hash Disclosure Spoofing - Info Disclosure

CVE-2024-10672 LOW

Multiple Page Generator Plugin - Path Traversal

CVE-2024-5823 CRITICAL

gaizhenbiao/chuanhuchatgpt <= 20240410 - File Overwrite and Denial of Service via Configuration File Tampering

CVE-2024-41183 HIGH

Trend Micro VPN <5.8.1012 - Privilege Escalation

CVE-2024-9575 HIGH

Pretix Widget <1.0.6 - Local File Inclusion

CVE-2024-43615 HIGH

Microsoft OpenSSH for Windows Remote Code Execution

CVE-2024-43581 HIGH

Microsoft OpenSSH for Windows - Remote Code Execution

CVE-2024-38029 HIGH

Microsoft OpenSSH for Windows - RCE

CVE-2024-38040 HIGH

Esri Portal for ArcGIS <11.2 - Info Disclosure

CVE-2024-9275 MEDIUM

jeanmarc77 123solar <1.8.4.5 - File Inclusion

CVE-2024-9142 CRITICAL

Olgu Computer Systems e-Belediye <2.0.642 - Path Traversal

CVE-2024-21545 HIGH

Proxmox Virtual Environment - Privilege Escalation

CVE-2024-7626 HIGH

WP Delicious Recipe Plugin < 1.6.9 - Authenticated Arbitrary File Movement and Reading

CVE-2024-8517 CRITICAL

SPIP <4.3.2-4.1.18 - Command Injection

CVE-2024-7744 MEDIUM

WS_FTP Server < 8.8.8 - Authenticated Path Traversal via Web Transfer Module

CVE-2024-7911 MEDIUM

SourceCodester Simple Online Bidding System 1.0 - File Inclusion

CVE-2024-38173 MEDIUM

Microsoft Outlook - Remote Code Execution

CVE-2024-38165 MEDIUM

Windows Compressed Folder Tampering - Info Disclosure

Previous Page 12 of 18 Next

Details

Vulnerabilities 449

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy