CWE-22— Path Traversal
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.— MITRE CWE catalog
8,743 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-22page 59 of 175
- CVE-2019-8925MEDIUMCVSS 4.3EG 4.32019-05-17
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. An Absolute Path Traversal vulnerability in the Administration zone, in /netflow/servlet/CReportPDFServlet (via the parameter schFilePath), allows remote a…
- CVE-2019-8943MEDIUMCVSS 6.5EG 9.02019-02-20
WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to crop an image) can write the output image to an arbitrary directory via a filename containing two image extensions and ../ sequences, such…
- CVE-2019-8952MEDIUMCVSS 6.5EG 6.52019-05-13
A Path Traversal vulnerability located in the webserver affects several Bosch hardware and software products. The vulnerability potentially allows a remote authorized user to access arbitrary files on the system via the network interface. …
- CVE-2019-9005MEDIUMCVSS 6.5EG 6.52019-04-18
The Cprime Power Scripts app before 4.0.14 for Atlassian Jira allows Directory Traversal.
- CVE-2019-9015CRITICALCVSS 9.1EG 9.12019-02-22
A Path Traversal vulnerability was discovered in MOPCMS through 2018-11-30, leading to deletion of unexpected critical files. The exploitation point is in the "column management" function. The path added to the column is not verified. When…
- CVE-2019-9060HIGHCVSS 7.5EG 7.52021-09-17
An issue was discovered in CMS Made Simple 2.2.8. It is possible to achieve unauthenticated path traversal in the CGExtensions module (in the file action.setdefaulttemplate.php) with the m1_filename parameter; and through the action.showme…
- CVE-2019-9064MEDIUMCVSS 5.3EG 5.32019-02-23
PHP Scripts Mall Cab Booking Script 1.0.3 allows Directory Traversal into the parent directory of a jpg or png file.
- CVE-2019-9106CRITICALCVSS 9.8EG 9.82019-05-31
The WebApp v04.68 in the supervisor on SAET Impianti Speciali TEBE Small 05.01 build 1137 devices allows remote attackers to execute or include local .php files, as demonstrated by menu=php://filter/convert.base64-encode/resource=index.php…
- CVE-2019-9157MEDIUMCVSS 5.7EG 5.72019-06-05
Gemalto DS3 Authentication Server 2.6.1-SP01 allows Local File Disclosure.
- CVE-2019-9195CRITICALCVSS 9.8EG 9.82019-02-26
util/src/zip.rs in Grin before 1.0.2 mishandles suspicious files. An attacker can execute arbitrary code via directory traversal in a ZIP archive.
- CVE-2019-9222HIGHCVSS 8.1EG 8.12019-04-17
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Insecure Permissions.
- CVE-2019-9281HIGHCVSS 7.5EG 7.52019-09-27
In GoogleContactsSyncAdapter, there is a possible path traversal due to improper input sanitization. This could lead to a bypass of user interaction requirements with no additional execution privileges needed. User interaction is not neede…
- CVE-2019-9489HIGHCVSS 7.5EG 7.52019-04-05
A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (versions XG and 11.0), and Worry-Free Business Security (versions 10.0, 9.5 and 9.0) could allow an attacker to modify arbitrary files on the affected product's manag…
- CVE-2019-9607MEDIUMCVSS 5.3EG 5.32019-03-06
PHP Scripts Mall Medical Store Script 3.0.3 allows Path Traversal by navigating to the parent directory of a jpg or png file.
- CVE-2019-9610MEDIUMCVSS 4.3EG 4.32019-03-06
An issue was discovered in OFCMS before 1.1.3. It has admin/cms/template/getTemplates.html?res_path=res&up_dir=../ directory traversal, related to the getTemplates function in TemplateController.java.
- CVE-2019-9611MEDIUMCVSS 6.5EG 6.52019-03-06
An issue was discovered in OFCMS before 1.1.3. It allows admin/cms/template/getTemplates.html?res_path=res directory traversal, with ../ in the dir parameter, to write arbitrary content (in the file_content parameter) into an arbitrary fil…
- CVE-2019-9618CRITICALCVSS 9.8EG 9.82019-05-13
The GraceMedia Media Player plugin 1.0 for WordPress allows Local File Inclusion via the "cfg" parameter.
- CVE-2019-9622MEDIUMCVSS 4.3EG 4.32019-03-07
eBrigade through 4.5 allows Arbitrary File Download via ../ directory traversal in the showfile.php file parameter, as demonstrated by reading the user-data/save/backup.sql file.
- CVE-2019-9642CRITICALCVSS 9.8EG 9.82019-06-05
An issue was discovered in proxy.php in pydio-core in Pydio through 8.2.2. Through an unauthenticated request, it possible to evaluate malicious PHP code by placing it on the fourth line of a .php file, as demonstrated by a PoC.php created…
- CVE-2019-9648MEDIUMCVSS 5.3EG 5.32019-03-22
An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. A directory traversal vulnerability exists using the SIZE command along with a \..\..\ substring, allowing an attacker to enumerate file existence based on the…
- CVE-2019-9649MEDIUMCVSS 5.3EG 5.32019-03-22
An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a directory traversal technique (..\..\) to browse outside the root directory to determine the existence …
- CVE-2019-9662HIGHCVSS 7.5EG 7.52019-03-11
An issue was discovered in JTBC(PHP) 3.0.1.8. Its cache management module is flawed. An arbitrary file ending in "inc.php" can be deleted via a console/cache/manage.php?type=action&action=batch&batch=delete&ids=../ substring.
- CVE-2019-9686HIGHCVSS 8.8EG 8.82019-03-11
pacman before 5.1.3 allows directory traversal when installing a remote package via a specified URL "pacman -U <url>" due to an unsanitized file name received from a Content-Disposition header. pacman renames the downloaded package file to…
- CVE-2019-9723HIGHCVSS 7.1EG 7.12019-05-30
LogicalDOC Community Edition 8.x before 8.2.1 has a path traversal vulnerability that allows reading arbitrary files and the creation of directories, in the class PluginRegistry.
- CVE-2019-9726HIGHCVSS 7.5EG 7.52019-05-13
Directory Traversal / Arbitrary File Read in eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to read arbitrary files of the device's filesystem. This vulnerability can be exploited by unauthenticated attackers with acces…
- CVE-2019-9852HIGHCVSS 7.8EG 7.82019-08-15
LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, …
- CVE-2019-9854HIGHCVSS 7.8EG 7.82019-09-06
LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, …
- CVE-2019-9858HIGHCVSS 8.8EG 8.82019-05-29
Remote code execution was discovered in Horde Groupware Webmail 5.2.22 and 5.2.17. Horde/Form/Type.php contains a vulnerable class that handles image upload in forms. When the Horde_Form_Type_image method onSubmit() is called on uploads, i…
- CVE-2019-9886HIGHCVSS 7.5EG 7.52019-07-11
Any URLs with download_attachment.php under templates or home folders can allow arbitrary files downloaded without login in BroadLearning eClass before version ip.2.5.10.2.1.
- CVE-2019-9889LOWCVSS 2.7EG 2.72019-03-21
In Vanilla before 2.6.4, a flaw exists within the getSingleIndex function of the AddonManager class. The issue results in a require call using a crafted type value, leading to Directory Traversal with File Inclusion. An attacker can levera…
- CVE-2019-9922HIGHCVSS 7.5EG 7.52019-03-29
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Directory Traversal allows read access to arbitrary files.
- CVE-2019-9948CRITICALCVSS 9.1EG 9.12019-03-23
urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/pa…
- CVE-2019-9960CRITICALCVSS 9.8EG 9.82019-03-24
The downloadZip function in application/controllers/admin/export.php in LimeSurvey through 3.16.1+190225 allows a relative path.
- CVE-2020-0179HIGHCVSS 7.8EG 7.82020-06-11
In doSendObjectInfo of MtpServer.cpp, there is a possible path traversal attack due to insufficient input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is requ…
- CVE-2020-0520HIGHCVSS 7.8EG 7.82020-03-12
Path traversal in igdkmd64.sys for Intel(R) Graphics Drivers before versions 15.45.30.5103, 15.40.44.5107, 15.36.38.5117 and 15.33.49.5100 may allow an authenticated user to potentially enable escalation of privilege or denial of service v…
- CVE-2020-0539MEDIUMCVSS 5.5EG 5.52020-06-15
Path traversal in subsystem for Intel(R) DAL software for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64, 13.0.32, 14.0.33 and Intel(R) TXE versions before 3.1.75, 4.0.25 may allow an unprivileged user to potentially en…
- CVE-2020-10010HIGHCVSS 7.8EG 7.82020-12-08
A path handling issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A local attacker may be able to elevate their privileges.
- CVE-2020-10014MEDIUMCVSS 6.3EG 6.32020-12-08
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Big Sur 11.0.1. A malicious application may be able to break out of its sandbox.
- CVE-2020-10086MEDIUMCVSS 5.3EG 5.32020-03-13
GitLab 10.4 through 12.8.1 allows Directory Traversal. A particular endpoint was vulnerable to a directory traversal vulnerability, leading to arbitrary file read.
- CVE-2020-10366HIGHCVSS 7.5EG 7.52020-04-08
LogicalDoc before 8.3.3 allows /servlet.gupld Directory Traversal, a different vulnerability than CVE-2020-9423 and CVE-2020-10365.
- CVE-2020-10387MEDIUMCVSS 4.9EG 4.92020-03-12
Path Traversal in admin/download.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to download files from the server using a dot-dot-slash sequence (../) via the GET parameter file.
- CVE-2020-10457LOWCVSS 2.7EG 2.72020-03-12
Path Traversal in admin/imagepaster/image-renaming.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to rename any file on the webserver using a dot-dot-slash sequence (../) via the POST parameter imgName (for the new name) an…
- CVE-2020-10458MEDIUMCVSS 6.5EG 6.52020-03-12
Path Traversal in admin/imagepaster/operations.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete any folder on the webserver using a dot-dot-slash sequence (../) via the GET parameter crdir, when the GET parameter ac…
- CVE-2020-10459LOWCVSS 2.7EG 2.72020-03-12
Path Traversal in admin/assetmanager/assetmanager.php (vulnerable function saved in admin/assetmanager/functions.php) in Chadha PHPKB Standard Multi-Language 9 allows attackers to list the files that are stored on the webserver using a dot…
- CVE-2020-10506HIGHCVSS 7.5EG 7.52020-04-15
The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of Path Traversal, allowing attackers to access arbitrary files.
- CVE-2020-10564CRITICALCVSS 9.8EG 9.82020-03-13
An issue was discovered in the File Upload plugin before 4.13.0 for WordPress. A directory traversal can lead to remote code execution by uploading a crafted txt file into the lib directory, because of a wfu_include_lib call.
- CVE-2020-10579HIGHCVSS 7.5EG 7.52021-03-25
A directory traversal on the /admin/sysmon.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to list the content of arbitrary server directories accessible to the user running the application.
- CVE-2020-10584HIGHCVSS 7.5EG 7.52021-03-25
A directory traversal on the /admin/search_by.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to read arbitrary server files accessible to the user running the application.
- CVE-2020-10619CRITICALCVSS 9.1EG 9.12020-04-09
An attacker could use a specially crafted URL to delete files outside the WebAccess/NMS's (versions prior to 3.0.2) control.
- CVE-2020-10631CRITICALCVSS 9.8EG 9.82020-04-09
An attacker could use a specially crafted URL to delete or read files outside the WebAccess/NMS's (versions prior to 3.0.2) control.
Map vulnerabilities like CWE-22 to your infrastructure
EchelonGraph correlates every CVE — across CWE-22 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →