Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-73

CWE-73

High likelihood

External Control of File Name or Path

Parent: CWE-642 - External Control of Critical State Data

The product allows user input to control or influence paths or file names that are used in filesystem operations.

396 vulnerabilities with CWE-73

CVE-2024-13984 CRITICAL

QiAnXin TianQing Management Center <=6.7.0.4130 - Path Traversal

CVE-2024-1244 CRITICAL

OSSEC HIDS <3.8.0 - Info Disclosure

CVE-2024-1243 HIGH

Wazuh < 4.8.0 - Remote Code Execution

CVE-2024-51553 MEDIUM

ASPECT <3.* - Info Disclosure

CVE-2024-57394 HIGH

Qianxin Tianqing Endpoint Security Ma... - Privilege Escalation

CVE-2024-55372 CRITICAL

Wallos <=2.38.2 - File Upload

CVE-2024-55371 CRITICAL

Wallos <= 2.38.2 - Code Injection

CVE-2024-10210 HIGH

B&R APROL <4.4-005P - Info Disclosure

CVE-2024-13922 LOW

WooCommerce <2.6.0 - Privilege Escalation

CVE-2024-8616 HIGH

h2o-3 <3.46.0 - Code Injection

CVE-2024-6829 CRITICAL

aimhubio/aim <3.19.3 - Code Injection

CVE-2024-11042 CRITICAL

invoke-ai/invokeai <5.0.2 - Privilege Escalation

CVE-2024-10834 CRITICAL

eosphoros-ai/db-gpt <0.6.0 - Code Injection

CVE-2024-12036 HIGH

CS Framework plugin - Path Traversal

CVE-2024-51961 HIGH

ArcGIS Server <11.3 - Info Disclosure

CVE-2024-22341 MEDIUM

IBM Watson Query on Cloud Pak for Data <4.9 - Info Disclosure

CVE-2024-38657 MEDIUM

Ivanti Connect/Ivanti Policy <22.7R2.4/<22.7R1.3 - Path Traversal

CVE-2024-47265 MEDIUM

Synology Active Backup <2.7.1-3234 - Path Traversal

CVE-2024-12058 MEDIUM

Ivanti Connect/Ivanti Policy <22.7R2.6/<22.7R1.3 - Path Traversal

CVE-2024-12267 MEDIUM

Contact Form 7 <1.3.8.5 - Info Disclosure

CVE-2024-12861 MEDIUM

W2S - Migrate WooCommerce to Shopify <1.2.1 - Info Disclosure

CVE-2024-43658 HIGH

Iocharger AC <25010801 - Path Traversal

CVE-2024-12875 MEDIUM

Awesomemotive Easy Digital Downloads < 3.3.3 - Path Traversal

CVE-2024-12066 HIGH

SMSA Shipping(official) plugin - Path Traversal

CVE-2024-4230 HIGH

Edgecross Basic Software <1.00 - Path Traversal

Previous Page 9 of 16 Next

Details

Vulnerabilities 396

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy