CWE-22— Path Traversal
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.— MITRE CWE catalog
8,745 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-22page 62 of 175
- CVE-2020-15592HIGHCVSS 7.5EG 7.52020-07-27
SteelCentral Aternity Agent before 11.0.0.120 on Windows allows Privilege Escalation via a crafted file. It uses an executable running as a high privileged Windows service to perform administrative tasks and collect data from other process…
- CVE-2020-15639CRITICALCVSS 9.8EG 9.82020-08-25
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Authentication is not required to exploit this vulnerability. The specific flaw exists within the decryptF…
- CVE-2020-15640HIGHCVSS 7.5EG 7.52020-08-25
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole 5.5.0.64. Authentication is not required to exploit this vulnerability. The specific flaw exists within the …
- CVE-2020-15641HIGHCVSS 7.5EG 7.52020-08-25
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole 5.5.0.64. Authentication is not required to exploit this vulnerability. The specific flaw exists within the …
- CVE-2020-15643HIGHCVSS 8.8EG 8.82020-08-25
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism c…
- CVE-2020-15644HIGHCVSS 8.8EG 8.82020-08-25
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism c…
- CVE-2020-15703MEDIUMCVSS 4.0EG 4.02020-10-31
There is no input validation on the Locale property in an apt transaction. An unprivileged user can supply a full path to a writable directory, which lets aptd read a file as root. Having a symlink in place results in an error message if t…
- CVE-2020-15712MEDIUMCVSS 4.3EG 4.32020-07-28
rConfig 3.9.5 could allow a remote authenticated attacker to traverse directories on the system. An attacker could send a crafted request to the ajaxGetFileByPath.php script containing hexadecimal encoded "dot dot" sequences (%2f..%2f) in …
- CVE-2020-15779HIGHCVSS 7.5EG 7.52020-07-15
A Path Traversal issue was discovered in the socket.io-file package through 2.0.31 for Node.js. The socket.io-file::createFile message uses path.join with ../ in the name option, and the uploadDir and rename options determine the path.
- CVE-2020-15809MEDIUMCVSS 6.5EG 6.52021-03-24
spxmanage on certain SpinetiX devices allows requests that access unintended resources because of SSRF and Path Traversal. This affects HMP350, HMP300, and DiVA through 4.5.2-1.0.36229; HMP400 and HMP400W through 4.5.2-1.0.2-1eb2ffbd; and …
- CVE-2020-15858MEDIUMCVSS 6.2EG 6.42020-08-21
Some devices of Thales DIS (formerly Gemalto, formerly Cinterion) allow Directory Traversal by physically proximate attackers. The directory path access check of the internal flash file system can be circumvented. This flash file system ca…
- CVE-2020-15908HIGHCVSS 7.5EG 7.52020-07-23
tar/TarFileReader.cpp in Cauldron cbang (aka C-Bang or C!) before 1.6.0 allows Directory Traversal during extraction from a TAR archive.
- CVE-2020-15923HIGHCVSS 7.5EG 7.52020-07-24
Mida eFramework through 2.9.0 allows unauthenticated ../ directory traversal.
- CVE-2020-15928MEDIUMCVSS 5.3EG 5.32020-11-24
In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters to test-browser/index.cfm allow directory traversal.
- CVE-2020-15929CRITICALCVSS 9.8EG 9.82020-11-24
In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters passed to system/runners/HTMLRunner.cfm allow an attacker to write an arbitrary CFM file (within the application's context) containing attacker-defined CFML tags, le…
- CVE-2020-15941MEDIUMCVSS 5.4EG 5.42021-10-06
A path traversal vulnerability [CWE-22] in FortiClientEMS versions 6.4.1 and below; 6.2.8 and below may allow an authenticated attacker to inject directory traversal character sequences to add/delete the files of the server via the name pa…
- CVE-2020-1606MEDIUMCVSS 5.4EG 5.42020-01-15
A path traversal vulnerability in the Juniper Networks Junos OS device may allow an authenticated J-web user to read files with 'world' readable permission and delete files with 'world' writeable permission. This issue does not affect syst…
- CVE-2020-16116LOWCVSS 3.3EG 3.32020-08-03
In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal.
- CVE-2020-16136HIGHCVSS 7.7EG 7.72020-07-31
In tgstation-server 4.4.0 and 4.4.1, an authenticated user with permission to download logs can download any file on the server machine (accessible by the owner of the server process) via directory traversal ../ sequences in /Administratio…
- CVE-2020-16245CRITICALCVSS 9.8EG 9.82020-08-25
Advantech iView, Versions 5.7 and prior. The affected product is vulnerable to path traversal vulnerabilities that could allow an attacker to create/download arbitrary files, limit system availability, and remotely execute code.
- CVE-2020-1631HIGHCVSS 8.8EG 9.8⚠ KEV2020-05-04
A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform local …
- CVE-2020-1699HIGHCVSS 7.5EG 7.52020-04-21
A path traversal flaw was found in the Ceph dashboard implemented in upstream versions v14.2.5, v14.2.6, v15.0.0 of Ceph storage and has been fixed in versions 14.2.7 and 15.1.0. An unauthenticated attacker could use this flaw to cause inf…
- CVE-2020-1735MEDIUMCVSS 4.2EG 4.22020-03-16
A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches…
- CVE-2020-1737HIGHCVSS 7.5EG 7.52020-03-09
A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker…
- CVE-2020-17383CRITICALCVSS 9.8EG 9.82022-01-24
A directory traversal vulnerability on Telos Z/IP One devices through 4.0.0r grants an unauthenticated individual root level access to the device's file system. This can be used to identify configuration settings, password hashes for built…
- CVE-2020-17385HIGHCVSS 7.5EG 7.52020-08-25
Cellopoint CelloOS v4.1.10 Build 20190922 does not validate URL inputted properly, which allows unauthorized user to launch Path Traversal attack and access arbitrate file on the system.
- CVE-2020-17387HIGHCVSS 8.8EG 8.82020-08-25
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism c…
- CVE-2020-17389HIGHCVSS 8.8EG 8.82020-08-25
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism c…
- CVE-2020-17518HIGHCVSS 7.5EG 7.52021-01-05
Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system, through a maliciously modified HTTP HEADER. The files can be written to any location accessible by Fl…
- CVE-2020-17563CRITICALCVSS 9.1EG 9.12021-04-22
Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arbitrary files by sending a crafted HTTP request to " /index.php?s=/admin-tpl-del&id=".
- CVE-2020-17564CRITICALCVSS 9.1EG 9.12021-04-22
Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arbitrary files by sending a crafted HTTP request to the " Admin/DataAction.class.php" component.
- CVE-2020-18070CRITICALCVSS 9.1EG 9.12021-04-30
Path Traversal in iCMS v7.0.13 allows remote attackers to delete folders by injecting commands into a crafted HTTP request to the "do_del()" method of the component "database.admincp.php".
- CVE-2020-18127MEDIUMCVSS 6.5EG 6.52021-08-30
An issue in the /config/config.php component of Indexhibit 2.1.5 allows attackers to arbitrarily view files.
- CVE-2020-18178CRITICALCVSS 9.8EG 9.82021-05-18
Path Traversal in HongCMS v4.0.0 allows remote attackers to view, edit, and delete arbitrary files via a crafted POST request to the component "/hcms/admin/index.php/language/ajax."
- CVE-2020-18190CRITICALCVSS 9.1EG 9.12020-10-02
Bludit v3.8.1 is affected by directory traversal. Remote attackers are able to delete arbitrary files via /admin/ajax/upload-profile-picture.
- CVE-2020-18191CRITICALCVSS 9.1EG 9.12020-10-02
GetSimpleCMS-3.3.15 is affected by directory traversal. Remote attackers are able to delete arbitrary files via /GetSimpleCMS-3.3.15/admin/log.php
- CVE-2020-18330CRITICALCVSS 9.1EG 9.12023-01-26
An issue was discovered in the default configuration of ChinaMobile PLC Wireless Router model GPN2.4P21-C-CN running the firmware version W2000EN-01(hardware platform Gpn2.4P21-C_WIFI-V0.05), allows attackers to gain access to the configur…
- CVE-2020-18331CRITICALCVSS 9.1EG 9.12023-01-26
Directory traversal vulnerability in ChinaMobile PLC Wireless Router model GPN2.4P21-C-CN running the firmware version W2000EN-01(hardware platform Gpn2.4P21-C_WIFI-V0.05), via the getpage parameter to /cgi-bin/webproc.
- CVE-2020-18438HIGHCVSS 7.5EG 7.52021-11-02
Directory traversal vulnerability in qinggan phpok 5.1, allows attackers to disclose sensitive information, via the title parameter to admin.php.
- CVE-2020-1853MEDIUMCVSS 6.5EG 6.52020-02-17
GaussDB 200 with version of 6.5.1 have a path traversal vulnerability. Due to insufficient input path validation, an authenticated attacker can traverse directories and download files to a specific directory. Successful exploit may cause i…
- CVE-2020-18665MEDIUMCVSS 5.3EG 5.32021-06-24
Directory Traversal vulnerability in WebPort <=1.19.1 in tags of system settings.
- CVE-2020-18878MEDIUMCVSS 5.3EG 5.32021-08-20
Directory Traversal in Skycaiji v1.3 allows remote attackers to obtain sensitive information via the component 'index.php?m=admin&c=Tool&a=log&file=D%3A%5CphpStudy%5CWWW%5Cindex.php'.
- CVE-2020-1904MEDIUMCVSS 5.5EG 5.52020-10-06
A path validation issue in WhatsApp for iOS prior to v2.20.61 and WhatsApp Business for iOS prior to v2.20.61 could have allowed for directory traversal overwriting files when sending specially crafted docx, xlsx, and pptx files as attachm…
- CVE-2020-19146MEDIUMCVSS 6.5EG 6.52021-09-15
Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information via the 'TemplatePath' parameter in the component 'jfinal_cms/admin/folder/list'.
- CVE-2020-19147MEDIUMCVSS 6.5EG 6.52021-09-15
Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive infromation via the 'getFolder()' function in the component '/modules/filemanager/FileManager.java'.
- CVE-2020-19150HIGHCVSS 8.1EG 8.12021-09-15
Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information or cause a denial of service via the 'FileManager.delete()' function in the component 'modules/filemanager/FileManagerControll…
- CVE-2020-19154MEDIUMCVSS 6.5EG 6.52021-09-15
Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information via the 'FileManager.editFile()' function in the component 'modules/filemanager/FileManagerController.java'.
- CVE-2020-19155HIGHCVSS 8.8EG 8.82021-09-15
Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information and/or execute arbitrary code via the 'FileManager.rename()' function in the component 'modules/filemanager/FileManagerControl…
- CVE-2020-19279CRITICALCVSS 9.8EG 9.82023-04-04
Directory Traversal vulnerability found in B3log Wide allows a an attacker to escalate privileges via symbolic links.
- CVE-2020-19304HIGHCVSS 7.5EG 7.52021-08-03
An issue in /admin/index.php?n=system&c=filept&a=doGetFileList of Metinfo v7.0.0 allows attackers to perform a directory traversal and access sensitive information.
Map vulnerabilities like CWE-22 to your infrastructure
EchelonGraph correlates every CVE — across CWE-22 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →