CWE-22— Path Traversal
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.— MITRE CWE catalog
8,742 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-22page 54 of 175
- CVE-2019-15039CRITICALCVSS 9.8EG 9.82019-10-01
An issue was discovered in JetBrains TeamCity 2018.2.4. It had a possible remote code execution issue. This was fixed in TeamCity 2019.1.
- CVE-2019-15055MEDIUMCVSS 6.5EG 6.52019-08-26
MikroTik RouterOS through 6.44.5 and 6.45.x through 6.45.3 improperly handles the disk name, which allows authenticated users to delete arbitrary files. Attackers can exploit this vulnerability to reset credential storage, which allows the…
- CVE-2019-15266MEDIUMCVSS 4.4EG 4.42019-10-16
A vulnerability in the CLI of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to view system files that should be restricted. This vulnerability is due to improper sanitization of user-supplied inp…
- CVE-2019-15323HIGHCVSS 7.5EG 7.52019-08-22
The ad-inserter plugin before 2.4.20 for WordPress has path traversal.
- CVE-2019-15326HIGHCVSS 7.5EG 7.52019-08-22
The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPress has directory traversal.
- CVE-2019-15516HIGHCVSS 7.5EG 7.52019-08-23
Cuberite before 2019-06-11 allows webadmin directory traversal via ....// because the protection mechanism simply removes one ../ substring.
- CVE-2019-15517MEDIUMCVSS 5.5EG 5.52019-08-23
jc21 Nginx Proxy Manager before 2.0.13 allows %2e%2e%2f directory traversal.
- CVE-2019-15518MEDIUMCVSS 5.3EG 5.32019-08-23
Swoole before 4.2.13 allows directory traversal in swPort_http_static_handler.
- CVE-2019-15519CRITICALCVSS 9.8EG 9.82019-08-23
Power-Response before 2019-02-02 allows directory traversal (up to the application's main directory) via a plugin.
- CVE-2019-15520MEDIUMCVSS 5.3EG 5.32019-08-23
comelz Quark before 2019-03-26 allows directory traversal to locations outside of the project directory.
- CVE-2019-15596HIGHCVSS 7.5EG 7.52019-12-18
A path traversal in statics-server exists in all version that allows an attacker to perform a path traversal when a symlink is used within the working directory.
- CVE-2019-15600HIGHCVSS 7.5EG 7.52019-12-18
A Path traversal exists in http_server which allows an attacker to read arbitrary system files.
- CVE-2019-15630HIGHCVSS 7.5EG 7.52019-08-30
Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider components in MuleSoft Mule Runtime 3.2.0 and higher released before August 1 2019, MuleSoft Mule Runtime 4.1.0 and higher released before August 1 2019, and all versions o…
- CVE-2019-15648MEDIUMCVSS 6.5EG 6.52019-08-27
The insert-or-embed-articulate-content-into-wordpress plugin before 4.29991 for WordPress has insufficient restrictions on deleting or renaming by a Subscriber.
- CVE-2019-15714MEDIUMCVSS 5.3EG 5.32019-08-28
cli/lib/main.js in Entropic before 2019-06-13 does not reject / and \ in command names, which might allow a directory traversal attack in unusual situations.
- CVE-2019-15822CRITICALCVSS 9.8EG 9.82019-08-30
The wps-child-theme-generator plugin before 1.2 for WordPress has classes/helpers.php directory traversal.
- CVE-2019-15839HIGHCVSS 7.5EG 7.52019-08-30
The sina-extension-for-elementor plugin before 2.2.1 for WordPress has local file inclusion.
- CVE-2019-15855CRITICALCVSS 9.1EG 9.12020-01-17
An issue was discovered in Maarch RM before 2.5. A path traversal vulnerability allows an unauthenticated remote attacker to overwrite any files with a crafted POST request if the default installation procedure was followed. This results i…
- CVE-2019-15931CRITICALCVSS 9.8EG 9.82019-12-12
Intesync Solismed 3.3sp allows Directory Traversal, a different vulnerability than CVE-2019-16246.
- CVE-2019-15952HIGHCVSS 8.8EG 8.82019-09-05
An issue was discovered in Total.js CMS 12.0.0. An authenticated user with the Pages privilege can conduct a path traversal attack (../) to include .html files that are outside the permitted directory. Also, if a page contains a template d…
- CVE-2019-15980HIGHCVSS 7.2EG 7.22020-01-06
Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct directory traversal attacks on an affect…
- CVE-2019-15981HIGHCVSS 7.2EG 7.22020-01-06
Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct directory traversal attacks on an affect…
- CVE-2019-15982HIGHCVSS 7.2EG 7.22020-01-06
Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct directory traversal attacks on an affect…
- CVE-2019-16064CRITICALCVSS 9.6EG 9.62020-03-19
NETSAS Enigma NMS 65.0.0 and prior suffers from a directory traversal vulnerability that can allow an authenticated user to access files and directories stored outside of the web root folder. By exploiting this vulnerability, it is possibl…
- CVE-2019-16105MEDIUMCVSS 4.9EG 4.92019-09-08
Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows ..%2f directory traversal via a rest/json/configdb/download/ URI.
- CVE-2019-16113HIGHCVSS 8.8EG 9.02019-09-08
Bludit 3.9.2 allows remote code execution via bl-kernel/ajax/upload-images.php because PHP code can be entered with a .jpg file name, and then this PHP code can write other PHP code to a ../ pathname.
- CVE-2019-16123HIGHCVSS 7.5EG 7.52019-09-09
In Kartatopia PilusCart 1.4.1, the parameter filename in the file catalog.php is mishandled, leading to ../ Local File Disclosure.
- CVE-2019-16132MEDIUMCVSS 6.5EG 6.52019-09-09
An issue was discovered in OKLite v1.2.25. framework/admin/tpl_control.php allows remote attackers to delete arbitrary files via a title directory-traversal pathname followed by a crafted substring.
- CVE-2019-16198MEDIUMCVSS 6.5EG 6.52019-10-03
KSLabs KSWEB 3.93 allows ../ directory traversal, as demonstrated by the hostFile parameter.
- CVE-2019-1620CRITICALCVSS 9.8EG 9.82019-06-27
A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to upload arbitrary files on an affected device. The vulnerability is due to incorrect permis…
- CVE-2019-1621HIGHCVSS 7.5EG 7.52019-06-27
A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to gain access to sensitive files on an affected device. The vulnerability is due to incorrec…
- CVE-2019-16246CRITICALCVSS 9.8EG 9.82019-12-12
Intesync Solismed 3.3sp1 allows Local File Inclusion (LFI), a different vulnerability than CVE-2019-15931. This leads to unauthenticated code execution.
- CVE-2019-16278CRITICALCVSS 9.8EG 9.8⚠ KEV2019-10-14
Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via a crafted HTTP request.
- CVE-2019-16279HIGHCVSS 7.5EG 9.02019-10-14
A memory error in the function SSL_accept in nostromo nhttpd through 1.9.6 allows an attacker to trigger a denial of service via a crafted HTTP request.
- CVE-2019-16384MEDIUMCVSS 6.5EG 6.52020-06-04
Cybele Thinfinity VirtualUI 2.5.17.2 allows ../ path traversal that can be used for data exfiltration. This enables files outside of the web directory to be retrieved if the exact location is known and the user has permissions.
- CVE-2019-16511MEDIUMCVSS 5.5EG 5.52019-09-19
An issue was discovered in DTF in FireGiant WiX Toolset before 3.11.2. Microsoft.Deployment.Compression.Cab.dll and Microsoft.Deployment.Compression.Zip.dll allow directory traversal during CAB or ZIP archive extraction, because the full n…
- CVE-2019-16540MEDIUMCVSS 6.5EG 6.52019-11-21
A path traversal vulnerability in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete arbitrary files on the Jenkins master.
- CVE-2019-16679MEDIUMCVSS 4.9EG 4.92019-09-21
Gila CMS before 1.11.1 allows admin/fm/?f=../ directory traversal, leading to Local File Inclusion.
- CVE-2019-16680MEDIUMCVSS 4.3EG 4.32019-09-21
An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction.
- CVE-2019-16758HIGHCVSS 7.5EG 7.52019-11-21
In Lexmark Services Monitor 2.27.4.0.39 (running on TCP port 2070), a remote attacker can use a directory traversal technique using /../../../ or ..%2F..%2F..%2F to obtain local files on the host operating system.
- CVE-2019-16765HIGHCVSS 7.4EG 7.42019-11-25
If an attacker can get a user to open a specially prepared directory tree as a workspace in Visual Studio Code with the CodeQL extension active, arbitrary code of the attacker's choosing may be executed on the user's behalf. This is fixed …
- CVE-2019-16776HIGHCVSS 7.7EG 7.72019-12-13
Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It fails to prevent access to folders outside of the intended node_modules folder through the bin field. A properly constructed entry in the package.json bi…
- CVE-2019-16777HIGHCVSS 7.7EG 7.72019-12-13
Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be overwritten by other package installations. For example, if a package was installed globa…
- CVE-2019-1681HIGHCVSS 7.5EG 7.52019-02-21
A vulnerability in the TFTP service of Cisco Network Convergence System 1000 Series software could allow an unauthenticated, remote attacker to retrieve arbitrary files from the targeted device, possibly resulting in information disclosure…
- CVE-2019-16867MEDIUMCVSS 6.5EG 6.52019-09-25
HongCMS 3.0.0 allows arbitrary file deletion via a ../ in the file parameter to admin/index.php/database/ajax?action=delete, a similar issue to CVE-2018-16774. (If the attacker deletes config.php and visits install/index.php, they can rein…
- CVE-2019-16868CRITICALCVSS 9.8EG 9.82019-09-25
emlog through 6.0.0beta has an arbitrary file deletion vulnerability via an admin/data.php?action=dell_all_bak request with directory traversal sequences in the bak[] parameter.
- CVE-2019-16876HIGHCVSS 7.5EG 7.52019-11-07
Portainer before 1.22.1 allows Directory Traversal.
- CVE-2019-16902HIGHCVSS 7.5EG 7.52019-09-27
In the ARforms plugin 3.7.1 for WordPress, arf_delete_file in arformcontroller.php allows unauthenticated deletion of an arbitrary file by supplying the full pathname.
- CVE-2019-16903MEDIUMCVSS 5.3EG 5.32019-09-26
Platinum UPnP SDK 1.2.0 allows Directory Traversal in Core/PltHttpServer.cpp because it checks for /.. where it should be checking for ../ instead.
- CVE-2019-16915CRITICALCVSS 9.8EG 9.82019-09-26
An issue was discovered in pfSense through 2.4.4-p3. widgets/widgets/picture.widget.php uses the widgetkey parameter directly without sanitization (e.g., a basename call) for a pathname to file_get_contents or file_put_contents.
Map vulnerabilities like CWE-22 to your infrastructure
EchelonGraph correlates every CVE — across CWE-22 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →