CWE-22— Path Traversal
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.— MITRE CWE catalog
8,768 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-22page 78 of 176
- CVE-2021-37922MEDIUMCVSS 5.3EG 5.32021-10-07
Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to path traversal which allows copying of files from one directory to another.
- CVE-2021-37938MEDIUMCVSS 4.3EG 4.32021-11-18
It was discovered that on Windows operating systems specifically, Kibana was not validating a user supplied path, which would load .pbf files. Because of this, a malicious user could arbitrarily traverse the Kibana host to load internal fi…
- CVE-2021-3806MEDIUMCVSS 5.3EG 5.32021-09-18
A path traversal vulnerability on Pardus Software Center's "extractArchive" function could allow anyone on the same network to do a man-in-the-middle and write files on the system.
- CVE-2021-38136MEDIUMCVSS 6.5EG 6.52021-08-06
Corero SecureWatch Managed Services 9.7.2.0020 is affected by a Path Traversal vulnerability via the snap_file parameter in the /it-IT/splunkd/__raw/services/get_snapshot HTTP API endpoint. A ‘low privileged’ attacker can read any file…
- CVE-2021-38146HIGHCVSS 7.5EG 7.52021-11-22
The File Download API in Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote attackers to read arbitrary files via absolute path traversal in the SearchString JSON field in /home/download POST data.
- CVE-2021-38163CRITICALCVSS 9.9EG 9.9⚠ KEV2021-09-14
SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and trigger its processing, which is capable o…
- CVE-2021-38197CRITICALCVSS 9.8EG 9.82021-08-08
unarr.go in go-unarr (aka Go bindings for unarr) 0.1.1 allows Directory Traversal via ../ in a pathname within a TAR archive.
- CVE-2021-3823HIGHCVSS 7.1EG 7.12021-10-28
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects:…
- CVE-2021-38346HIGHCVSS 8.8EG 8.82021-10-14
The Brizy Page Builder plugin <= 2.3.11 for WordPress allowed authenticated users to upload executable files to a location of their choice using the brizy_create_block_screenshot AJAX action. The file would be named using the id parameter,…
- CVE-2021-38360HIGHCVSS 8.3EG 8.32021-09-10
The wp-publications WordPress plugin is vulnerable to restrictive local file inclusion via the Q_FILE parameter found in the ~/bibtexbrowser.php file which allows attackers to include local zip files and achieve remote code execution, in v…
- CVE-2021-38399HIGHCVSS 7.5EG 7.52022-10-28
Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to relative path traversal, which may allow an attacker access to unauthorized files and directories.
- CVE-2021-38452HIGHCVSS 7.5EG 7.52021-10-12
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.
- CVE-2021-38454CRITICALCVSS 10.0EG 10.02021-10-12
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.
- CVE-2021-38460HIGHCVSS 7.5EG 7.52021-10-12
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.
- CVE-2021-3856MEDIUMCVSS 4.3EG 4.32022-08-26
ClassLoaderTheme and ClasspathThemeResourceProviderFactory allows reading any file available as a resource to the classloader. By sending requests for theme resources with a relative path from an external HTTP client, the client will recei…
- CVE-2021-38612HIGHCVSS 7.5EG 7.52021-08-24
In NASCENT RemKon Device Manager 4.0.0.0, a Directory Traversal vulnerability in a log-reading function in maintenance/readLog.php allows an attacker to read any file via a specialized URL.
- CVE-2021-38693MEDIUMCVSS 5.3EG 5.32022-05-05
A path traversal vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero, QTS, QVR Pro Appliance. If exploited, this vulnerability allows attackers to read the contents of unexpected files and expose sensitive da…
- CVE-2021-3874MEDIUMCVSS 6.5EG 6.52021-10-15
bookstack is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- CVE-2021-38758HIGHCVSS 7.5EG 7.52021-08-16
Directory traversal vulnerability in Online Catering Reservation System 1.0 exists due to lack of validation in index.php.
- CVE-2021-3907HIGHCVSS 7.4EG 7.42021-11-11
OctoRPKI does not escape a URI with a filename containing "..", this allows a repository to create a file, (ex. rsync://example.org/repo/../../etc/cron.daily/evil.roa), which would then be written to disk outside the base cache folder. Thi…
- CVE-2021-39109HIGHCVSS 7.5EG 7.52021-09-01
The renderWidgetResource resource in Atlasian Atlasboard before version 1.1.9 allows remote attackers to read arbitrary files via a path traversal vulnerability.
- CVE-2021-39143MEDIUMCVSS 6.6EG 6.62022-01-04
Spinnaker is an open source, multi-cloud continuous delivery platform. A path traversal vulnerability was discovered in uses of TAR files by AppEngine for deployments. This uses a utility to extract files locally for deployment without val…
- CVE-2021-3916MEDIUMCVSS 6.5EG 6.52021-11-05
bookstack is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- CVE-2021-39180HIGHCVSS 8.1EG 8.12021-08-31
OpenOLAT is a web-based learning management system (LMS). A path traversal vulnerability exists in versions prior to 15.3.18, 15.5.3, and 16.0.0. Using a specially prepared ZIP file, it is possible to overwrite any file that is writable by…
- CVE-2021-39208MEDIUMCVSS 4.3EG 4.32021-09-16
SharpCompress is a fully managed C# library to deal with many compression types and formats. Versions prior to 0.29.0 are vulnerable to partial path traversal. SharpCompress recreates a hierarchy of directories under destinationDirectory i…
- CVE-2021-3924HIGHCVSS 7.5EG 8.82021-11-05
grav is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- CVE-2021-39312HIGHCVSS 7.5EG 9.02021-12-14
The True Ranker plugin <= 2.2.2 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be accessed via the src parameter found in the ~/admin/vendor/datatables/examples/resources/examples.ph…
- CVE-2021-39316HIGHCVSS 7.5EG 9.02021-08-31
The Zoomsounds plugin <= 6.45 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the `dzsap_download` action using directory traversal in the `link` parameter.
- CVE-2021-39369MEDIUMCVSS 6.5EG 6.52022-12-26
In Philips (formerly Carestream) Vue MyVue PACS through 12.2.x.x, the VideoStream function allows Path Traversal by authenticated users to access files stored outside of the web root.
- CVE-2021-39500HIGHCVSS 7.5EG 7.52021-09-07
Eyoucms 1.5.4 is vulnerable to Directory Traversal. Due to a lack of input data sanitizaton in param tpldir, filename, type, nid an attacker can inject "../" to escape and write file to writeable directories.
- CVE-2021-3960HIGHCVSS 7.1EG 7.12021-12-16
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects …
- CVE-2021-39970HIGHCVSS 7.5EG 7.52022-01-03
HwPCAssistant has a Improper Input Validation vulnerability.Successful exploitation of this vulnerability may create any file with the system app permission.
- CVE-2021-40001MEDIUMCVSS 5.3EG 5.32022-01-10
The CaasKit module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause the MeeTime application to be unavailable.
- CVE-2021-40003MEDIUMCVSS 5.3EG 5.32022-01-10
HwPCAssistant has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
- CVE-2021-40097HIGHCVSS 8.8EG 8.82021-09-27
An issue was discovered in Concrete CMS through 8.5.5. Authenticated path traversal leads to to remote code execution via uploaded PHP code, related to the bFilename parameter.
- CVE-2021-40098CRITICALCVSS 9.8EG 9.82021-09-27
An issue was discovered in Concrete CMS through 8.5.5. Path Traversal leading to RCE via external form by adding a regular expression.
- CVE-2021-40103HIGHCVSS 7.5EG 7.52021-09-27
An issue was discovered in Concrete CMS through 8.5.5. Path Traversal can lead to Arbitrary File Reading and SSRF.
- CVE-2021-40153HIGHCVSS 8.1EG 8.12021-08-27
squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the desti…
- CVE-2021-40285HIGHCVSS 8.1EG 8.12022-08-26
htmly v2.8.1 was discovered to contain an arbitrary file deletion vulnerability via the component \views\backup.html.php.
- CVE-2021-40349MEDIUMCVSS 5.3EG 5.32021-09-27
e7d Speed Test (aka speedtest) 0.5.3 allows a path-traversal attack that results in information disclosure via the "GET /.." substring.
- CVE-2021-40357MEDIUMCVSS 4.9EG 4.92021-09-14
A vulnerability has been identified in Teamcenter Active Workspace V4.3 (All versions < V4.3.10), Teamcenter Active Workspace V5.0 (All versions < V5.0.8), Teamcenter Active Workspace V5.1 (All versions < V5.1.5), Teamcenter Active Workspa…
- CVE-2021-40358CRITICALCVSS 9.9EG 9.82021-11-09
A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIM…
- CVE-2021-40359HIGHCVSS 7.7EG 7.52021-11-09
A vulnerability has been identified in OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd4), OpenPCS 7 V9.1 (All versions), SIMATIC BATCH V8.2 (All versions), SIMATIC BATCH V9.0 (All versions), SIMATIC BATCH V9.1 (All v…
- CVE-2021-40371CRITICALCVSS 9.8EG 9.82021-10-25
Gridpro Request Management for Windows Azure Pack before 2.0.7912 allows Directory Traversal for remote code execution, as demonstrated by ..\\ in a scriptName JSON value to ServiceManagerTenant/GetVisibilityMap.
- CVE-2021-40444HIGHCVSS 8.8EG 9.0⚠ KEV2021-09-15
<p>Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft…
- CVE-2021-40525CRITICALCVSS 9.1EG 9.12022-01-04
Apache James ManagedSieve implementation alongside with the file storage for sieve scripts is vulnerable to path traversal, allowing reading and writing any file. This vulnerability had been patched in Apache James 3.6.1 and higher. We rec…
- CVE-2021-40651MEDIUMCVSS 6.5EG 6.52021-09-29
OS4Ed OpenSIS Community 8.0 is vulnerable to a local file inclusion vulnerability in Modules.php (modname parameter), which can disclose arbitrary file from the server's filesystem as long as the application has access to the file.
- CVE-2021-40661HIGHCVSS 7.5EG 9.02022-10-31
A remote, unauthenticated, directory traversal vulnerability was identified within the web interface used by IND780 Advanced Weighing Terminals Build 8.0.07 March 19, 2018 (SS Label 'IND780_8.0.07'), Version 7.2.10 June 18, 2012 (SS Label …
- CVE-2021-40668HIGHCVSS 8.1EG 8.12022-06-09
The Android application HTTP File Server (Version 1.4.1) by 'slowscript' is affected by a path traversal vulnerability that permits arbitrary directory listing, file read, and file write.
- CVE-2021-40680HIGHCVSS 8.1EG 8.12022-04-25
There is a Directory Traversal vulnerability in Artica Proxy (4.30.000000 SP206 through SP255, and VMware appliance 4.30.000000 through SP273) via the filename parameter to /cgi-bin/main.cgi.
Map vulnerabilities like CWE-22 to your infrastructure
EchelonGraph correlates every CVE — across CWE-22 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →