Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-73

CWE-73

High likelihood

External Control of File Name or Path

Parent: CWE-642 - External Control of Critical State Data

The product allows user input to control or influence paths or file names that are used in filesystem operations.

450 vulnerabilities with CWE-73

CVE-2023-29324 MEDIUM

Windows MSHTML < - Privilege Escalation

CVE-2023-2554 HIGH

unilogies/bumsys <2.2.0 - Path Traversal

CVE-2023-30943 MEDIUM

Moodle 4.1.0-4.1.2 - Unauthenticated Arbitrary Folder Creation via TinyMCE Loader

CVE-2023-2152 MEDIUM

SourceCodester Student Study Center Desk Management System 1.0 - Fi...

CVE-2023-1105 HIGH

GitHub flatpressblog/flatpress <1.3 - Path Traversal

CVE-2023-1070 HIGH

nilsteampassnet/teampass <3.0.0.22 - Path Traversal

CVE-2023-21566 HIGH

Visual Studio - Privilege Escalation

CVE-2023-21800 HIGH

Windows Installer < - Privilege Escalation

CVE-2023-0003 MEDIUM

Palo Alto Networks Cortex XSOAR - Info Disclosure

CVE-2022-4983 MEDIUM

TEC-IT TBarCode 11.15 - Remote File Creation via INI-based Licensing Handling

CVE-2022-39952 CRITICAL

Fortinet FortiNAC keyUpload.jsp arbitrary file write

CVE-2022-43513 HIGH

Automation License Manager - Unauth RCE

CVE-2022-45213 MEDIUM

perfsonar < 4.4.6 - Arbitrary File Read via file:// URL Parsing

CVE-2022-34669 HIGH

NVIDIA Virtual GPU < 11.11 and Cloud Gaming < 527.27 - Unauthenticated Arbitrary File Access

CVE-2022-31739 HIGH

Firefox < 101 and Firefox ESR < 91.10 - Path Traversal via Unescaped % Character in Download Path

CVE-2022-23536 MEDIUM

Cortex <1.14.0 - Local File Inclusion

CVE-2022-42893 HIGH

syngo Dynamics < VA40G HF01 - Path Traversal

CVE-2022-42891 HIGH

syngo Dynamics < VA40G HF01 - Path Traversal

CVE-2022-42734 HIGH

syngo Dynamics < VA40G HF01 - Path Traversal

CVE-2022-42733 HIGH

syngo Dynamics < VA40G HF01 - Info Disclosure

CVE-2022-42732 HIGH

syngo Dynamics < VA40G HF01 - Info Disclosure

CVE-2022-2431 HIGH

Download Manager <= 3.2.50 - Arbitrary File Deletion via 'file[files]' Parameter

CVE-2022-2638 MEDIUM

WordPress Plugin <4.4 - Path Traversal

CVE-2022-32761 MEDIUM

WWBN AVideo 11.6 and dev master - Arbitrary File Read via aVideoEncoderReceiveImage

CVE-2022-28710 MEDIUM

WWBN AVideo <11.6 - Info Disclosure

Previous Page 16 of 18 Next

Details

Vulnerabilities 450

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy