Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-73

CWE-73

High likelihood

External Control of File Name or Path

Parent: CWE-642 - External Control of Critical State Data

The product allows user input to control or influence paths or file names that are used in filesystem operations.

450 vulnerabilities with CWE-73

CVE-2022-2400 MEDIUM

dompdf < 2.0.0 - Path Traversal via Untrusted File Path

CVE-2022-34765 MEDIUM

X80 advanced RTU Communication Module - Path Traversal

CVE-2022-24900 CRITICAL

Piano LED Visualizer < 1.3 - Path Traversal via os.path.join

CVE-2022-20789 MEDIUM

Cisco Unified Communications Manager - Privilege Escalation

CVE-2022-0246 MEDIUM

WordPress iQ Block Country <1.2.13 - Path Traversal

CVE-2022-0593 MEDIUM

Login with phone number WP <1.3.7 - DoS

CVE-2021-47871 HIGH

Hestia Control Panel 1.3.2 - File Write

CVE-2021-47746 HIGH

NodeBB Plugin Emoji 3.2.1 - Path Traversal

CVE-2021-4472 MEDIUM

Mistral-OpenStack - Info Disclosure

CVE-2021-4332 MEDIUM

Plus Addons for Elementor <4.1.9(pro) & 2.0.6(free) - Info Disclosure

CVE-2021-24966 MEDIUM

Error Log Viewer <1.1.1 - Privilege Escalation

CVE-2021-3845 HIGH

ws_scrcpy < 0.7.1 - Path Traversal

CVE-2021-34761 MEDIUM

Cisco Firepower Threat Defense - Privilege Escalation

CVE-2021-38477 CRITICAL

Multiple API Functions - Info Disclosure

CVE-2021-3626 HIGH

Multipass < 1.7.0 - Unauthenticated Privilege Escalation via Localhost TCP Control Socket

CVE-2021-1306 MEDIUM

Cisco EPN Manager, ISE, Prime Infrastructure - Path Traversal

CVE-2021-22539 HIGH

VScode-bazel <0.4.1 - Code Injection

CVE-2021-27250 MEDIUM

D-Link DAP-2020 v1.01rc001 - Info Disclosure

CVE-2021-21343 MEDIUM

XStream <1.4.16 - Code Injection

CVE-2020-37080 CRITICAL

webTareas 2.0.p8 - Privilege Escalation

CVE-2020-37078 HIGH

i-doit Open Source CMDB 1.14.1 - File Deletion

CVE-2020-36878 HIGH

ReQuest Serious Play Media Player 3.0 - Info Disclosure

CVE-2020-36868 HIGH

Nagios XI <5.7.3 - Privilege Escalation

CVE-2020-36772 MEDIUM

CloudLinux CageFS <7.0.8.2 - Info Disclosure

CVE-2020-25161 HIGH

WebAccess/SCADA <9.0 - Code Injection

Previous Page 17 of 18 Next

Details

Vulnerabilities 450

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy