CWE-22— Path Traversal
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.— MITRE CWE catalog
8,768 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-22page 84 of 176
- CVE-2022-22821LOWCVSS 2.0EG 2.02022-01-10
NVIDIA NeMo before 1.6.0 contains a vulnerability in ASR WebApp, in which ../ Path Traversal may lead to deletion of any directory when admin privileges are available.
- CVE-2022-22836MEDIUMCVSS 6.5EG 6.52022-01-10
CoreFTP Server before 727 allows directory traversal (for file creation) by an authenticated attacker via ../ in an HTTP PUT request.
- CVE-2022-22914HIGHCVSS 7.5EG 7.52022-02-17
An incorrect access control issue in the component FileManager of Ovidentia CMS 6.0 allows authenticated attackers to to view and download content in the upload directory via path traversal.
- CVE-2022-22931MEDIUMCVSS 4.3EG 4.32022-02-07
Fix of CVE-2021-40525 do not prepend delimiters upon valid directory validations. Affected implementations include: - maildir mailbox store - Sieve file repository This enables a user to access other users data stores (limited to user name…
- CVE-2022-22932MEDIUMCVSS 5.3EG 5.32022-01-26
Apache Karaf obr:* commands and run goal on the karaf-maven-plugin have partial path traversal which allows to break out of expected folder. The risk is low as obr:* commands are not very used and the entry is set by user. This has been fi…
- CVE-2022-23082HIGHCVSS 7.5EG 7.52022-05-31
In CureKit versions v1.0.1 through v1.1.3 are vulnerable to path traversal as the function isFileOutsideDir fails to sanitize the user input which may lead to path traversal.
- CVE-2022-23107HIGHCVSS 8.1EG 8.12022-01-12
Jenkins Warnings Next Generation Plugin 9.10.2 and earlier does not restrict the name of a file when configuring custom ID, allowing attackers with Item/Configure permission to write and read specific files with a hard-coded suffix on the …
- CVE-2022-23113MEDIUMCVSS 4.3EG 4.32022-01-12
Jenkins Publish Over SSH Plugin 1.22 and earlier performs a validation of the file name specifying whether it is present or not, resulting in a path traversal vulnerability allowing attackers with Item/Configure permission to discover the …
- CVE-2022-23119HIGHCVSS 7.5EG 7.52022-01-20
A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must fir…
- CVE-2022-23135MEDIUMCVSS 6.5EG 6.52022-02-24
There is a directory traversal vulnerability in some home gateway products of ZTE. Due to the lack of verification of user modified destination path, an attacker with specific permissions could modify the FTP access path to access and modi…
- CVE-2022-23166MEDIUMCVSS 6.1EG 9.82022-05-12
Sysaid – Sysaid Local File Inclusion (LFI) – An unauthenticated attacker can access to the system by accessing to "/lib/tinymce/examples/index.html" path. in the "Insert/Edit Embedded Media" window Choose Type : iFrame and File/URL : […
- CVE-2022-23347HIGHCVSS 7.5EG 7.52022-03-21
BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal attacks.
- CVE-2022-23357CRITICALCVSS 9.1EG 9.12022-02-03
mozilo2.0 was discovered to be vulnerable to directory traversal attacks via the parameter curent_dir.
- CVE-2022-23409MEDIUMCVSS 4.9EG 4.92022-01-31
The Logs plugin before 3.0.4 for Craft CMS allows remote attackers to read arbitrary files via input to actionStream in Controller.php.
- CVE-2022-23447HIGHCVSS 7.5EG 7.52023-07-11
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in FortiExtender management interface 7.0.0 through 7.0.3, 4.2.0 through 4.2.4, 4.1.1 through 4.1.8, 4.0.0 through 4.0.2, 3.3.0 throu…
- CVE-2022-23457HIGHCVSS 7.5EG 7.52022-04-25
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Prior to version 2.3.0.0, the default implementation of `Validator.getValidDirectoryPath(String, String, File, boolean)` may incorr…
- CVE-2022-23470HIGHCVSS 8.6EG 8.62022-12-06
Galaxy is an open-source platform for data analysis. An arbitrary file read exists in Galaxy 22.01 and Galaxy 22.05 due to the switch to Gunicorn, which can be used to read any file accessible to the operating system user under which Galax…
- CVE-2022-23512HIGHCVSS 7.7EG 7.72022-12-14
MeterSphere is a one-stop open source continuous testing platform. Versions prior to 2.4.1 are vulnerable to Path Injection in ApiTestCaseService::deleteBodyFiles which takes a user-controlled string id and passes it to ApiTestCaseService,…
- CVE-2022-23522HIGHCVSS 8.5EG 8.52023-03-30
MindsDB is an open source machine learning platform. An unsafe extraction is being performed using `shutil.unpack_archive()` from a remotely retrieved tarball. Which may lead to the writing of the extracted files to an unintended location.…
- CVE-2022-23530MEDIUMCVSS 5.8EG 5.82022-12-16
GuardDog is a CLI tool to identify malicious PyPI packages. Versions prior to v0.1.8 are vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package. Extracting files using shutil.unpack_archive() from a potent…
- CVE-2022-23531MEDIUMCVSS 5.8EG 5.82022-12-17
GuardDog is a CLI tool to identify malicious PyPI packages. Versions prior to 0.1.5 are vulnerable to Relative Path Traversal when scanning a specially-crafted local PyPI package. Running GuardDog against a specially-crafted package can al…
- CVE-2022-23532HIGHCVSS 7.1EG 7.12023-01-14
APOC (Awesome Procedures on Cypher) is an add-on library for Neo4j that provides hundreds of procedures and functions. A path traversal vulnerability found in the apoc.export.* procedures of apoc plugins in Neo4j Graph database. The issue …
- CVE-2022-23602HIGHCVSS 7.7EG 7.72022-02-01
Nimforum is a lightweight alternative to Discourse written in Nim. In versions prior to 2.2.0 any forum user can create a new thread/post with an include referencing a file local to the host operating system. Nimforum will render the file …
- CVE-2022-23609HIGHCVSS 8.3EG 8.32022-02-04
iTunesRPC-Remastered is a Discord Rich Presence for iTunes on Windows utility. In affected versions iTunesRPC-Remastered did not properly sanitize user input used to remove files leading to file deletion only limited by the process permiss…
- CVE-2022-23612HIGHCVSS 7.5EG 7.52022-02-22
OpenMRS is a patient-based medical record system focusing on giving providers a free customizable electronic medical record system. Affected versions are subject to arbitrary file exfiltration due to failure to sanitize request when satisf…
- CVE-2022-23620MEDIUMCVSS 6.8EG 6.82022-02-09
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions AbstractSxExportURLFactoryActionHandler#processSx does not escape anything from SSX document references when seri…
- CVE-2022-23732HIGHCVSS 8.8EG 8.82022-04-05
A path traversal vulnerability was identified in GitHub Enterprise Server management console that allowed the bypass of CSRF protections. This could potentially lead to privilege escalation. To exploit this vulnerability, an attacker would…
- CVE-2022-23767HIGHCVSS 8.8EG 9.82022-09-19
This vulnerability of SecureGate is SQL-Injection using login without password. A path traversal vulnerability is also identified during file transfer. An attacker can take advantage of these vulnerabilities to perform various attacks such…
- CVE-2022-23770HIGHCVSS 8.8EG 9.82022-10-17
This vulnerability could allow a remote attacker to execute remote commands with improper validation of parameters of certain API constructors. Remote attackers could use this vulnerability to execute malicious commands such as directory t…
- CVE-2022-23793HIGHCVSS 7.5EG 7.52022-03-30
An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Extracting an specifilcy crafted tar package could write files outside of the intended path.
- CVE-2022-23854HIGHCVSS 7.5EG 9.02022-12-23
AVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerable to a path traversal exploit that could allow an unauthenticated user with network access to read files on the system outside of the secure gateway web server.
- CVE-2022-23970HIGHCVSS 8.1EG 8.12022-04-07
ASUS RT-AX56U’s update_json function has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated LAN attacker can overwrite a system file by uploading another file with…
- CVE-2022-23971HIGHCVSS 8.1EG 8.12022-04-07
ASUS RT-AX56U’s update_PLC/PORT file has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated LAN attacker can overwrite a system file by uploading another PLC/PORT …
- CVE-2022-24247MEDIUMCVSS 6.5EG 6.52022-04-12
RiteCMS version 3.1.0 and below suffers from an arbitrary file overwrite via path traversal vulnerability in Admin Panel. Exploiting the vulnerability allows an authenticated attacker to overwrite any file in the web root (along with any o…
- CVE-2022-24248MEDIUMCVSS 6.5EG 6.52022-04-12
RiteCMS version 3.1.0 and below suffers from an arbitrary file deletion via path traversal vulnerability in Admin Panel. Exploiting the vulnerability allows an authenticated attacker to delete any file in the web root (along with any other…
- CVE-2022-24278HIGHCVSS 7.5EG 7.52022-06-10
The package convert-svg-core before 0.6.4 are vulnerable to Directory Traversal due to improper sanitization of SVG tags. Exploiting this vulnerability is possible by using a specially crafted SVG file.
- CVE-2022-24311CRITICALCVSS 9.8EG 9.82022-02-09
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by inserting at beginning of file or create a new file in the context of the Data Server potential…
- CVE-2022-24312CRITICALCVSS 9.8EG 9.82022-02-09
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by adding at end of file or create a new file in the context of the Data Server potentially leadin…
- CVE-2022-24348HIGHCVSS 7.7EG 7.72022-02-04
Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file.
- CVE-2022-24424HIGHCVSS 7.5EG 7.52022-04-21
Dell EMC AppSync versions from 3.9 to 4.3 contain a path traversal vulnerability in AppSync server. A remote unauthenticated attacker may potentially exploit this vulnerability to gain unauthorized read access to the files stored on the se…
- CVE-2022-24629CRITICALCVSS 9.8EG 9.82023-05-29
An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. Remote code execution can be achieved via directory traversal in the dir parameter of the file upload functionality of BrowseFiles.php. An attacker can u…
- CVE-2022-2463MEDIUMCVSS 6.1EG 7.82022-08-25
Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. A crafted malicious .7z exchange file may allow an attacker to gain the privileges of the ISaGRAF Workbench software …
- CVE-2022-24632MEDIUMCVSS 5.3EG 5.32023-05-29
An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is directory traversal during file download via the BrowseFiles.php view parameter.
- CVE-2022-2464HIGHCVSS 7.7EG 7.82022-08-25
Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. Crafted malicious files can allow an attacker to traverse the file system when opened by ISaGRAF Workbench. If succes…
- CVE-2022-24647HIGHCVSS 8.1EG 8.12022-02-10
Cuppa CMS v1.0 was discovered to contain an arbitrary file deletion vulnerability via the unlink() function.
- CVE-2022-24659HIGHCVSS 7.5EG 7.52022-07-20
Goldshell ASIC Miners v2.2.1 and below was discovered to contain a path traversal vulnerability which allows unauthenticated attackers to retrieve arbitrary files from the device.
- CVE-2022-24715HIGHCVSS 8.5EG 8.52022-03-08
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Authenticated users, with access to the configuration, can create SSH resource files in unintended directories, leading to the execution of arbi…
- CVE-2022-24716HIGHCVSS 7.5EG 9.02022-03-08
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including `icingaweb2` configuration…
- CVE-2022-24718HIGHCVSS 7.6EG 7.62022-03-01
ssr-pages is an HTML page builder for the purpose of server-side rendering (SSR). In versions prior to 0.1.4, a path traversal issue can occur when providing untrusted input to the `svg` property as an argument to the `build(MessagePageOpt…
- CVE-2022-24730HIGHCVSS 7.7EG 7.72022-03-23
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 1.3.0 but before versions 2.1.11, 2.2.6, and 2.3.0 is vulnerable to a path traversal bug, compounded by an improper access control bug,…
Map vulnerabilities like CWE-22 to your infrastructure
EchelonGraph correlates every CVE — across CWE-22 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →