CWE-22— Path Traversal
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.— MITRE CWE catalog
8,768 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-22page 85 of 176
- CVE-2022-24731MEDIUMCVSS 6.8EG 6.82022-03-23
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 1.5.0 but before versions 2.1.11, 2.2.6, and 2.3.0 is vulnerable to a path traversal vulnerability, allowing a malicious user with read…
- CVE-2022-24774HIGHCVSS 7.1EG 7.12022-03-22
CycloneDX BOM Repository Server is a bill of materials (BOM) repository server for distributing CycloneDX BOMs. CycloneDX BOM Repository Server before version 2.0.1 has an improper input validation vulnerability leading to path traversal. …
- CVE-2022-24785HIGHCVSS 7.5EG 7.52022-04-04
Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm (server) users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided loc…
- CVE-2022-24830MEDIUMCVSS 6.5EG 6.52022-05-14
OpenClinica is an open source software for Electronic Data Capture (EDC) and Clinical Data Management (CDM). OpenClinica prior to version 3.16 is vulnerable to path traversal in multiple endpoints, leading to arbitrary file read/write, and…
- CVE-2022-24840CRITICALCVSS 9.1EG 9.12022-06-09
django-s3file is a lightweight file upload input for Django and Amazon S3 . In versions prior to 5.5.1 it was possible to traverse the entire AWS S3 bucket and in most cases to access or delete files. If the `AWS_LOCATION` setting was set,…
- CVE-2022-24843HIGHCVSS 7.5EG 7.52022-04-13
Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. Gin-vue-admin 2.50 has arbitrary file read vulnerability due to a lack of parameter validation. This has been resolv…
- CVE-2022-24851HIGHCVSS 8.1EG 8.12022-04-15
LDAP Account Manager (LAM) is an open source web frontend for managing entries stored in an LDAP directory. The profile editor tool has an edit profile functionality, the parameters on this page are not properly sanitized and hence leads t…
- CVE-2022-24877CRITICALCVSS 9.9EG 9.92022-05-06
Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious `kustomization.yaml` allows an attacker to expose sensitive data from the controller’s pod filesystem …
- CVE-2022-24878HIGHCVSS 7.7EG 7.72022-05-06
Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious `kustomization.yaml` allows an attacker to cause a Denial of Service at the controller level. Workaround…
- CVE-2022-24897HIGHCVSS 7.5EG 7.52022-05-02
APIs to evaluate content with Velocity is a package for APIs to evaluate content with Velocity. Starting with version 2.3 and prior to 12.6.7, 12.10.3, and 13.0, the velocity scripts are not properly sandboxed against using the Java File A…
- CVE-2022-24900CRITICALCVSS 9.9EG 9.92022-04-29
Piano LED Visualizer is software that allows LED lights to light up as a person plays a piano connected to a computer. Version 1.3 and prior are vulnerable to a path traversal attack. The `os.path.join` call is unsafe for use with untruste…
- CVE-2022-24977CRITICALCVSS 9.8EG 9.82022-02-14
ImpressCMS before 1.4.2 allows unauthenticated remote code execution via ...../// directory traversal in origName or imageName, leading to unsafe interaction with the CKEditor processImage.php script. The payload may be placed in PHP_SESSI…
- CVE-2022-24983HIGHCVSS 7.5EG 7.52022-02-16
Forms generated by JQueryForm.com before 2022-02-05 allow remote attackers to obtain the URI to any uploaded file by capturing the POST response. When chained with CVE-2022-24984, this could lead to unauthenticated remote code execution on…
- CVE-2022-24992HIGHCVSS 7.5EG 7.52022-07-25
A vulnerability in the component process.php of QR Code Generator v5.2.7 allows attackers to perform directory traversal.
- CVE-2022-25046CRITICALCVSS 9.8EG 9.82022-07-07
A path traversal vulnerability in loader.php of CWP v0.9.8.1122 allows attackers to execute arbitrary code via a crafted POST request.
- CVE-2022-25178MEDIUMCVSS 6.5EG 6.52022-02-15
Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier does not restrict the names of resources passed to the libraryResource step, allowing attackers able to configure Pipelines permission to read arbitrary files o…
- CVE-2022-25188MEDIUMCVSS 4.3EG 4.32022-02-15
Jenkins Fortify Plugin 20.2.34 and earlier does not sanitize the appName and appVersion parameters of its Pipeline steps, allowing attackers with Item/Configure permission to write or overwrite .xml files on the Jenkins controller file sys…
- CVE-2022-25216HIGHCVSS 7.5EG 7.52022-03-11
An absolute path traversal vulnerability allows a remote attacker to download any file on the Windows file system for which the user account running DVDFab 12 Player (recently renamed PlayerFab) has read-access, by means of an HTTP GET req…
- CVE-2022-25249HIGHCVSS 7.5EG 7.52022-03-16
When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) (disregarding Axeda agent v6.9.2 and v6.9.3) is vulnerable to directory traversal, which could allow a remote unauthenticated …
- CVE-2022-25266MEDIUMCVSS 4.3EG 4.32022-03-23
Passwork On-Premise Edition before 4.6.13 allows migration/downloadExportFile Directory Traversal (to read files).
- CVE-2022-25267HIGHCVSS 8.8EG 8.82022-03-23
Passwork On-Premise Edition before 4.6.13 allows migration/uploadExportFile Directory Traversal (to upload files).
- CVE-2022-25298HIGHCVSS 7.5EG 7.52022-02-18
This affects the package sprinfall/webcc before 0.3.0. It is possible to traverse directories to fetch arbitrary files from the server.
- CVE-2022-2531MEDIUMCVSS 5.3EG 5.32022-08-05
An issue has been discovered in GitLab EE affecting all versions starting from 12.5 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. GitLab was not performing correct authenticati…
- CVE-2022-25347CRITICALCVSS 9.8EG 7.52022-03-29
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to path traversal attacks, which may allow an attacker to write arbitrary files to locations on the file system.
- CVE-2022-25358MEDIUMCVSS 5.3EG 5.32022-02-18
A ..%2F path traversal vulnerability exists in the path handler of awful-salmonella-tar before 0.0.4. Attackers can only list directories (not read files). This occurs because the safe-path? Scheme predicate is not used for directories.
- CVE-2022-25371CRITICALCVSS 9.8EG 9.82022-09-02
Apache OFBiz uses the Birt project plugin (https://eclipse.github.io/birt-website/) to create data visualizations and reports. By leveraging a bug in Birt (https://bugs.eclipse.org/bugs/show_bug.cgi?id=538142) it is possible to perform a r…
- CVE-2022-25377HIGHCVSS 7.5EG 7.52024-02-22
The ACME-challenge endpoint in Appwrite 0.5.0 through 0.12.x before 0.12.2 allows remote attackers to read arbitrary local files via ../ directory traversal. In order to be vulnerable, APP_STORAGE_CERTIFICATES/.well-known/acme-challenge mu…
- CVE-2022-25412HIGHCVSS 8.1EG 8.12022-02-28
Maxsite CMS v180 was discovered to contain multiple arbitrary file deletion vulnerabilities in /admin_page/all-files-update-ajax.php via the dir and deletefile parameters.
- CVE-2022-25511MEDIUMCVSS 6.5EG 6.52022-03-11
An issue in the ?filename= argument of the route /DataPackageTable in FreeTAKServer-UI v1.9.8 allows attackers to place arbitrary files anywhere on the system.
- CVE-2022-2554MEDIUMCVSS 4.9EG 4.92022-10-10
The Enable Media Replace WordPress plugin before 4.0.0 does not ensure that renamed files are moved to the Upload folder, which could allow high privilege users such as admin to move them outside to the web root directory via a path traver…
- CVE-2022-2557HIGHCVSS 8.8EG 8.82022-08-22
The Team WordPress plugin before 4.1.2 contains a file which could allow any authenticated users to download arbitrary files from the server via a path traversal vector. Furthermore, the file will also be deleted after its content is retur…
- CVE-2022-25591CRITICALCVSS 9.1EG 9.12022-05-13
BlogEngine.NET v3.3.8.0 was discovered to contain an arbitrary file deletion vulnerability which allows attackers to delete files within the web server root directory via a crafted HTTP request.
- CVE-2022-2560CRITICALCVSS 9.1EG 9.12023-03-29
This vulnerability allows remote attackers to delete arbitrary files on affected installations of EnterpriseDT CompleteFTP 22.1.0 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Htt…
- CVE-2022-25634HIGHCVSS 7.5EG 7.52022-03-02
Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory.
- CVE-2022-25773MEDIUMCVSS 4.3EG 4.32025-02-26
This advisory addresses a file placement vulnerability that could allow assets to be uploaded to unintended directories on the server. * Improper Limitation of a Pathname to a Restricted Directory: A vulnerability exists in the asset …
- CVE-2022-25842MEDIUMCVSS 6.9EG 6.92022-05-01
All versions of package com.alibaba.oneagent:one-java-agent-plugin are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) using a specially crafted archive that holds directory traversal filenames (e.g. ../../evil.exe). T…
- CVE-2022-25848HIGHCVSS 7.5EG 7.52022-11-29
This affects all versions of package static-dev-server. This is because when paths from users to the root directory are joined, the assets for the path accessed are relative to that of the root directory.
- CVE-2022-25856HIGHCVSS 7.5EG 7.52022-06-17
The package github.com/argoproj/argo-events/sensors/artifacts before 1.7.1 are vulnerable to Directory Traversal in the (g *GitArtifactReader).Read() API in git.go. This could allow arbitrary file reads if the GitArtifactReader is provided…
- CVE-2022-25882HIGHCVSS 7.5EG 7.52023-01-26
Versions of the package onnx before 1.13.0 are vulnerable to Directory Traversal as the external_data field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory, for exampl…
- CVE-2022-25895HIGHCVSS 7.5EG 7.52022-12-21
All versions of package lite-dev-server are vulnerable to Directory Traversal due to missing input sanitization and sandboxes being employed to the req.url user input that is passed to the server code.
- CVE-2022-25931HIGHCVSS 7.5EG 7.52022-12-20
All versions of package easy-static-server are vulnerable to Directory Traversal due to missing input sanitization and sandboxes being employed to the req.url user input that is passed to the server code.
- CVE-2022-25936HIGHCVSS 7.5EG 7.52023-01-30
Versions of the package servst before 2.0.3 are vulnerable to Directory Traversal due to improper sanitization of the filePath variable.
- CVE-2022-25937MEDIUMCVSS 6.5EG 6.52023-02-13
Versions of the package glance before 3.0.9 are vulnerable to Directory Traversal that allows users to read files outside the public root directory. This is related to but distinct from the vulnerability reported in [CVE-2018-3715](https:/…
- CVE-2022-26019HIGHCVSS 8.8EG 8.82022-03-31
Improper access control vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change NTP GPS settings to …
- CVE-2022-26041MEDIUMCVSS 6.5EG 6.52022-06-13
Directory traversal vulnerability in RCCMD 4.26 and earlier allows a remote authenticated attacker with an administrative privilege to read or alter an arbitrary file on the server via unspecified vectors.
- CVE-2022-26049MEDIUMCVSS 5.3EG 5.32022-09-11
This affects the package com.diffplug.gradle:goomph before 3.37.2. It allows a malicious zip file to potentially break out of the expected destination directory, writing contents into arbitrary locations on the file system. Overwriting cer…
- CVE-2022-26068MEDIUMCVSS 6.5EG 7.52022-05-01
This affects the package pistacheio/pistache before 0.0.3.20220425. It is possible to traverse directories to fetch arbitrary files from the server.
- CVE-2022-26233HIGHCVSS 7.5EG 7.52022-04-03
Barco Control Room Management through Suite 2.9 Build 0275 was discovered to be vulnerable to directory traversal, allowing attackers to access sensitive information and components. Requests must begin with the "GET /..\.." substring.
- CVE-2022-26252MEDIUMCVSS 6.5EG 6.52022-03-27
aaPanel v6.8.21 was discovered to be vulnerable to directory traversal. This vulnerability allows attackers to obtain the root user private SSH key(id_rsa).
- CVE-2022-26276MEDIUMCVSS 5.3EG 5.32022-03-12
An issue in index.php of OneNav v0.9.14 allows attackers to perform directory traversal.
Map vulnerabilities like CWE-22 to your infrastructure
EchelonGraph correlates every CVE — across CWE-22 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →