CWE-22— Path Traversal
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.— MITRE CWE catalog
8,734 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-22page 38 of 175
- CVE-2016-7063CRITICALCVSS 9.8EG 9.82020-07-21
A flaw was found in pritunl-client before version 1.0.1116.6. Arbitrary write to user specified path may lead to privilege escalation.
- CVE-2016-9484HIGHCVSS 7.5EG 7.52018-07-13
The generated PHP form code does not properly validate user input folder directories, allowing a remote unauthenticated attacker to perform a path traversal and access arbitrary files on the server. The PHP FormMail Generator website does …
- CVE-2017-0918HIGHCVSS 8.8EG 8.82018-03-21
Gitlab Community Edition version 10.3 is vulnerable to a path traversal issue in the GitLab CI runner component resulting in remote code execution.
- CVE-2017-0930MEDIUMCVSS 6.5EG 6.52018-06-04
augustine node module suffers from a Path Traversal vulnerability due to lack of validation of url, which allows a malicious user to read content of any file with known path.
- CVE-2017-1000448HIGHCVSS 7.5EG 7.52018-01-02
Structured Data Linter versions 2.4.1 and older are vulnerable to a directory traversal attack in the URL input field resulting in the possibility of disclosing information about the remote host.
- CVE-2017-1000472MEDIUMCVSS 6.5EG 6.52018-01-03
The ZipCommon::isValidPath() function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the Z…
- CVE-2017-1000490MEDIUMCVSS 6.5EG 6.52018-01-03
Mautic versions 1.0.0 - 2.11.0 are vulnerable to allowing any authorized Mautic user session (must be logged into Mautic) to use the Filemanager to download any file from the server that the web user has access to.
- CVE-2017-1000501CRITICALCVSS 9.8EG 9.82018-01-03
Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution.
- CVE-2017-10273MEDIUMCVSS 4.7EG 4.72018-01-18
Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: Deployment). Supported versions that are affected are 11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0 and 12.2.1.2.0. Difficult to explo…
- CVE-2017-12559MEDIUMCVSS 6.5EG 6.52018-02-15
A Remote Denial of Service vulnerability in HPE Intelligent Management Center (iMC) PLAT version iMC Plat 7.3 E0504P2 was found.
- CVE-2017-12560MEDIUMCVSS 6.5EG 6.52018-02-15
A Remote Denial of Service vulnerability in HPE Intelligent Management Center (iMC) PLAT version iMC Plat 7.3 E0504P2 was found.
- CVE-2017-12637HIGHCVSS 7.5EG 9.0⚠ KEV2017-08-07
Directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS in SAP NetWeaver Application Server Java 7.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the query string, as exploited in t…
- CVE-2017-1279MEDIUMCVSS 6.5EG 6.52018-01-26
IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files o…
- CVE-2017-12815CRITICALCVSS 10.0EG 10.02018-03-26
Analysis of the Bomgar Remote Support Portal JavaStart.jar Applet 52790 and earlier revealed that it is vulnerable to a path traversal vulnerability. The archive can be downloaded from a given Bomgar Remote Support Portal deployment at htt…
- CVE-2017-14384MEDIUMCVSS 6.5EG 6.52018-03-16
In Dell Storage Manager versions earlier than 16.3.20, the EMConfigMigration service is affected by a directory traversal vulnerability. A remote malicious user could potentially exploit this vulnerability to read unauthorized files by sup…
- CVE-2017-14537MEDIUMCVSS 6.5EG 9.02018-02-16
trixbox 2.8.0.4 has path traversal via the xajaxargs array parameter to /maint/index.php?packages or the lang parameter to /maint/modules/home/index.php.
- CVE-2017-14804CRITICALCVSS 9.9EG 5.32018-03-01
The build package before 20171128 did not check directory names during extraction of build results that allowed untrusted builds to write outside of the target system,allowing escape out of buildroots.
- CVE-2017-15550HIGHCVSS 8.8EG 8.82018-01-05
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privi…
- CVE-2017-15681CRITICALCVSS 9.8EG 9.82020-11-27
In Crafter CMS Crafter Studio 3.0.1 a directory traversal vulnerability exists which allows unauthenticated attackers to overwrite files from the operating system which can lead to RCE.
- CVE-2017-15684HIGHCVSS 7.5EG 7.52020-11-27
Crafter CMS Crafter Studio 3.0.1 has a directory traversal vulnerability which allows unauthenticated attackers to view files from the operating system.
- CVE-2017-15712MEDIUMCVSS 6.5EG 6.52018-02-19
Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 4.3.0 and 5.0.0-beta1 to expose private files on the Oozie server process. The malicious user can construct a workflow XML file containing XML directives and configuration tha…
- CVE-2017-16029HIGHCVSS 7.5EG 7.52018-06-04
hostr is a simple web server that serves up the contents of the current directory. There is a directory traversal vulnerability in hostr 2.3.5 and earlier that allows an attacker to read files outside the current directory by sending `../`…
- CVE-2017-16036HIGHCVSS 7.5EG 7.52018-06-04
`badjs-sourcemap-server` receives files sent by `badjs-sourcemap`. `badjs-sourcemap-server` is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16037HIGHCVSS 7.5EG 7.52018-06-04
`gomeplus-h5-proxy` is vulnerable to a directory traversal issue, allowing attackers to access any file in the system by placing '../' in the URL.
- CVE-2017-16038HIGHCVSS 7.5EG 7.52018-06-04
`f2e-server` 1.12.11 and earlier is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. This is compounded by `f2e-server` requiring elevated privileges to run.
- CVE-2017-16039HIGHCVSS 7.5EG 7.52018-06-04
`hftp` is a static http or ftp server `hftp` is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16083HIGHCVSS 7.5EG 7.52018-06-07
node-simple-router is a minimalistic router for Node. node-simple-router is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
- CVE-2017-16084HIGHCVSS 7.5EG 7.52018-06-07
list-n-stream is a server for static files to list and stream local videos. list-n-stream v0.0.10 or lower is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16085HIGHCVSS 7.5EG 7.52018-06-07
tinyserver2 is a webserver for static files. tinyserver2 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
- CVE-2017-16089HIGHCVSS 7.5EG 7.52018-06-07
serverlyr is a simple http server. serverlyr is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
- CVE-2017-16090HIGHCVSS 7.5EG 7.52018-06-07
fsk-server is a simple http server. fsk-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16091HIGHCVSS 7.5EG 7.52018-06-07
xtalk helps your browser talk to nodex, a simple web framework. xtalk is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
- CVE-2017-16092HIGHCVSS 7.5EG 7.52018-06-07
Sencisho is a simple http server for local development. Sencisho is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
- CVE-2017-16093HIGHCVSS 7.5EG 7.52018-06-07
cyber-js is a simple http server. A cyberjs server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16094HIGHCVSS 7.5EG 7.52018-06-07
iter-http is a server for static files. iter-http is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16095HIGHCVSS 7.5EG 7.52018-06-07
serverliujiayi1 is a simple http server. serverliujiayi1 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
- CVE-2017-16096HIGHCVSS 7.5EG 7.52018-06-07
serveryaozeyan is a simple HTTP server. serveryaozeyan is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
- CVE-2017-16097HIGHCVSS 7.5EG 7.52018-06-07
tiny-http is a simple http server. tiny-http is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16101HIGHCVSS 7.5EG 7.52018-06-07
serverwg is a simple http server. serverwg is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
- CVE-2017-16102HIGHCVSS 7.5EG 7.52018-06-07
serverhuwenhui is a simple http server. serverhuwenhui is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
- CVE-2017-16103HIGHCVSS 7.5EG 7.52018-06-07
serveryztyzt is a simple http server. serveryztyzt is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
- CVE-2017-16104HIGHCVSS 7.5EG 7.52018-06-07
citypredict.whauwiller is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16105HIGHCVSS 7.5EG 7.52018-06-07
serverwzl is a simple http server. serverwzl is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
- CVE-2017-16106HIGHCVSS 7.5EG 7.52018-06-07
tmock is a static file server. tmock is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16107HIGHCVSS 7.5EG 7.52018-06-07
pooledwebsocket is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16108HIGHCVSS 7.5EG 7.52018-06-07
gaoxiaotingtingting is an HTTP server. gaoxiaotingtingting is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16109MEDIUMCVSS 5.3EG 5.32018-06-07
easyquick is a simple web server. easyquick is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Access is constrained, however, to supported file types. Requesting a file s…
- CVE-2017-16110HIGHCVSS 7.5EG 7.52018-06-07
weather.swlyons is a simple web server for weather updates. weather.swlyons is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16120HIGHCVSS 7.5EG 7.52018-06-07
liyujing is a static file server. liyujing is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16121HIGHCVSS 7.5EG 7.52018-06-07
datachannel-client is a signaling implementation for DataChannel.js. datachannel-client is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Map vulnerabilities like CWE-22 to your infrastructure
EchelonGraph correlates every CVE — across CWE-22 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →