Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-73

CWE-73

High likelihood

External Control of File Name or Path

Parent: CWE-642 - External Control of Critical State Data

The product allows user input to control or influence paths or file names that are used in filesystem operations.

450 vulnerabilities with CWE-73

CVE-2024-33860 MEDIUM

Logpoint SIEM < 7.4.0 - Local File Inclusion via File System Collector

CVE-2024-33671 HIGH

Veritas Backup Exec <22.2 - Privilege Escalation

CVE-2024-31492 HIGH

FortiClientMac <7.2.3, <7.0.10 - Code Injection

CVE-2024-30265 HIGH

Collabora Online - Local File Inclusion

CVE-2024-22178 MEDIUM

Open Automation Software OAS Platform <19.00.0057 - File Write

CVE-2024-21870 MEDIUM

Open Automation Software OAS Platform <19.00.0057 - File Write

CVE-2024-2917 MEDIUM

Campcodes House Rental Management System 1.0 - File Inclusion

CVE-2024-1603 HIGH

PaddlePaddle Paddle <2.6.0 - Info Disclosure

CVE-2024-23634 MEDIUM

GeoServer < 2.23.5 and 2.24.2 - Authenticated Arbitrary File Renaming via REST Coverage Store or Data Store API

CVE-2024-26185 MEDIUM

Windows Compressed Folder Tampering - Info Disclosure

CVE-2024-2155 MEDIUM

SourceCodester Best POS Management System 1.0 - File Inclusion

CVE-2024-2150 MEDIUM

SourceCodester Insurance Management System 1.0 - File Inclusion

CVE-2024-25117 MEDIUM

php-svg-lib <0.5.2 - Remote Code Execution via PHAR font-family URL

CVE-2024-0728 MEDIUM

ForU CMS <2020-06-23 - File Inclusion

CVE-2024-20652 HIGH

Windows HTML Platforms < - Privilege Escalation

CVE-2024-0265 MEDIUM

SourceCodester Clinic Queuing System 1.0 - File Inclusion

CVE-2023-45588 HIGH

FortiClientMac <7.2.3 - Path Traversal

CVE-2023-5816 MEDIUM

Code Explorer <1.4.5 - Info Disclosure

CVE-2023-47147 MEDIUM

IBM Sterling Secure Proxy <6.1.0 - Info Disclosure

CVE-2023-26282 MEDIUM

IBM Watson CP4D Data Stores <4.6.4 - Privilege Escalation

CVE-2023-49864 MEDIUM

WWBN AVideo - Arbitrary File Read via aVideoEncoderReceiveImage.json.php downloadURL_image Parameter

CVE-2023-49863 MEDIUM

WWBN AVideo - Arbitrary File Read via aVideoEncoderReceiveImage.json.php downloadURL_webpimage Parameter

CVE-2023-49862 MEDIUM

WWBN AVideo - Arbitrary File Read via aVideoEncoderReceiveImage.json.php downloadURL_gifimage Parameter

CVE-2023-49738 HIGH

WWBN AVideo - Arbitrary File Read via image404Raw.php

CVE-2023-47862 CRITICAL

WWBN AVideo - Local File Inclusion and Remote Code Execution via getLanguageFromBrowser

Previous Page 14 of 18 Next

Details

Vulnerabilities 450

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy