Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-73

CWE-73

High likelihood

External Control of File Name or Path

Parent: CWE-642 - External Control of Critical State Data

The product allows user input to control or influence paths or file names that are used in filesystem operations.

450 vulnerabilities with CWE-73

CVE-2023-47171 MEDIUM

WWBN AVideo 11.6 and dev master commit 15fed957fb - Arbitrary File Read via aVideoEncoder.json.php chunkFile Path

CVE-2023-6569 HIGH

h2o - Path Traversal

CVE-2023-36019 CRITICAL

Microsoft Power Platform Connector - Open Redirect

CVE-2023-6618 MEDIUM

SourceCodester Simple Student Attendance System 1.0 - File Inclusion

CVE-2023-5247 HIGH

Mitsubishi Electric GX Works3 - Malicious Code Execution via Crafted Project File

CVE-2023-40194 HIGH

Foxit Reader 12.1.3.15356 - Code Injection

CVE-2023-39542 HIGH

Foxit Reader 12.1.3.15356 - Remote Code Execution via JavaScript saveAs API

CVE-2023-35985 HIGH

Foxit Reader 12.1.3.15356 - Code Injection

CVE-2023-34982 MEDIUM

AVEVA Batch Management < 2020 - Authenticated Denial of Service via File Deletion

CVE-2023-46851 MEDIUM

Apache Allura <1.16.0 - Info Disclosure

CVE-2023-20114 MEDIUM

Cisco Firepower Management Center - RCE

CVE-2023-43074 MEDIUM

Dell Unity 5.3 - Arbitrary File Creation

CVE-2023-36634 HIGH

FortiAP-U <7.0.0, <6.2.5, <=6.0, <=5.4 - Command Injection

CVE-2023-36764 HIGH

Microsoft SharePoint Server - Privilege Escalation

CVE-2023-4634 CRITICAL

Media Library Assistant <3.09 - RCE

CVE-2023-32615 MEDIUM

Open Automation Software OAS Platform <18.00.0072 - File Write

CVE-2023-4749 MEDIUM

SourceCodester Inventory Management System 1.0 - File Inclusion

CVE-2023-20234 MEDIUM

Cisco FXOS Software - Privilege Escalation

CVE-2023-35384 MEDIUM

Windows HTML Platforms < - Privilege Escalation

CVE-2023-4191 MEDIUM

SourceCodester Resort Reservation System 1.0 - File Inclusion

CVE-2023-3643 HIGH

Boss Mini 1.4.0 Build 6221 - File Inclusion

CVE-2023-35308 MEDIUM

Microsoft Windows MSHTML Platform - Security Feature Bypass

CVE-2023-3256 HIGH

Advantech R-SeeNet <2.4.22 - Info Disclosure

CVE-2023-28603 HIGH

Zoom VDI client installer <5.14.0 - Info Disclosure

CVE-2023-0008 MEDIUM

Palo Alto Networks PAN-OS - Info Disclosure

Previous Page 15 of 18 Next

Details

Vulnerabilities 450

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy