CWE-22— Path Traversal
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.— MITRE CWE catalog
8,794 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-22page 97 of 176
- CVE-2023-0104CRITICALCVSS 9.3EG 7.82023-02-22
The listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by decompiling a malicious project file. This may allow an attacker to gain control of the user’s computer or gain access to sensitive data. …
- CVE-2023-0126HIGHCVSS 7.5EG 9.02023-01-19
Pre-authentication path traversal vulnerability in SMA1000 firmware version 12.4.2, which allows an unauthenticated attacker to access arbitrary files and directories stored outside the web root directory.
- CVE-2023-0156MEDIUMCVSS 4.9EG 4.92023-04-10
The All-In-One Security (AIOS) WordPress plugin before 5.1.5 does not limit what log files to display in it's settings pages, allowing an authorized user (admin+) to view the contents of arbitrary files and list directories anywhere on the…
- CVE-2023-0159HIGHCVSS 7.5EG 9.02023-02-13
The Extensive VC Addons for WPBakery page builder WordPress plugin before 1.9.1 does not validate a parameter passed to the php extract function when loading templates, allowing an unauthenticated attacker to override the template path to …
- CVE-2023-0241MEDIUMCVSS 6.5EG 6.52023-03-27
pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. A user of the product may change another user's settings or alter the database.
- CVE-2023-0290MEDIUMCVSS 4.3EG 4.32023-01-18
Rapid7 Velociraptor did not properly sanitize the client ID parameter to the CreateCollection API, allowing a directory traversal in where the collection task could be written. It was possible to provide a client id of "../clients/server" …
- CVE-2023-0339CRITICALCVSS 9.1EG 9.82023-02-28
Relative Path Traversal vulnerability in ForgeRock Access Management Web Policy Agent allows Authentication Bypass. This issue affects Access Management Web Policy Agent: all versions up to 5.10.1
- CVE-2023-0340HIGHCVSS 8.8EG 8.82023-03-20
The Custom Content Shortcode WordPress plugin through 4.0.2 does not validate one of its shortcode attribute, which could allow users with a contributor role and above to include arbitrary files via a traversal attack. This could also allo…
- CVE-2023-0454HIGHCVSS 8.1EG 8.12023-02-01
OrangeScrum version 2.0.11 allows an authenticated external attacker to delete arbitrary local files from the server. This is possible because the application uses an unsanitized attacker-controlled parameter to construct an internal path.
- CVE-2023-0467MEDIUMCVSS 4.3EG 4.32023-03-27
The WP Dark Mode WordPress plugin before 4.0.8 does not properly sanitize the style parameter in shortcodes before using it to load a PHP template. This leads to Local File Inclusion on servers where non-existent directories may be travers…
- CVE-2023-0511CRITICALCVSS 9.1EG 9.82023-02-28
Relative Path Traversal vulnerability in ForgeRock Access Management Java Policy Agent allows Authentication Bypass. This issue affects Access Management Java Policy Agent: all versions up to 5.10.1
- CVE-2023-0582HIGHCVSS 8.1EG 8.12024-03-27
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ForgeRock Access Management allows Authorization Bypass. This issue affects access management: before 7.3.0, before 7.2.1, before 7.1.4, throu…
- CVE-2023-0591MEDIUMCVSS 5.5EG 5.52023-01-31
ubireader_extract_files is vulnerable to path traversal when run against specifically crafted UBIFS files, allowing the attacker to overwrite files outside of the extraction directory (provided the process has write access to that file or…
- CVE-2023-0592MEDIUMCVSS 5.5EG 5.52023-01-31
A path traversal vulnerability affects jefferson's JFFS2 filesystem extractor. By crafting malicious JFFS2 files, attackers could force jefferson to write outside of the extraction directory.This issue affects jefferson: before 0.4.1.
- CVE-2023-0593MEDIUMCVSS 5.5EG 5.52023-01-31
A path traversal vulnerability affects yaffshiv YAFFS filesystem extractor. By crafting a malicious YAFFS file, an attacker could force yaffshiv to write outside of the extraction directory. This issue affects yaffshiv up to version 0.1 i…
- CVE-2023-0745MEDIUMCVSS 6.7EG 9.82023-02-09
The High Availability functionality of Yugabyte Anywhere can be abused to write arbitrary files through the backup upload endpoint by using path traversal characters. This vulnerability…
- CVE-2023-0862HIGHCVSS 7.2EG 8.82023-02-16
The NetModule NSRW web administration interface is vulnerable to path traversals, which could lead to arbitrary file uploads and deletion. By uploading malicious files to the web root directory, authenticated users could gain remote comman…
- CVE-2023-0947CRITICALCVSS 9.8EG 9.82023-02-22
Path Traversal in GitHub repository flatpressblog/flatpress prior to 1.3.
- CVE-2023-0956HIGHCVSS 7.5EG 7.52023-08-03
External input could be used on TEL-STER TelWin SCADA WebInterface to construct paths to files and directories without properly neutralizing special elements within the pathname, which could allow an unauthenticated attacker to read files…
- CVE-2023-1002MEDIUMCVSS 4.3EG 6.52023-02-24
A vulnerability, which was classified as problematic, has been found in MuYuCMS 2.2. This issue affects some unknown processing of the file index.php. The manipulation of the argument file_path leads to path traversal. The attack may be in…
- CVE-2023-1009MEDIUMCVSS 6.5EG 5.52023-02-24
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in DrayTek Vigor 2960 1.5.1.4/1.5.1.5. Affected is the function sub_1DF14 of the file /cgi-bin/mainfunction.cgi of the component Web Management Interface…
- CVE-2023-1043MEDIUMCVSS 4.3EG 4.32023-02-26
A vulnerability was found in MuYuCMS 2.2. It has been classified as problematic. Affected is an unknown function of the file /editor/index.php. The manipulation of the argument dir_path leads to relative path traversal. It is possible to l…
- CVE-2023-1044MEDIUMCVSS 4.3EG 8.82023-02-26
A vulnerability was found in MuYuCMS 2.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /editor/index.php. The manipulation of the argument file_path leads to relative path trav…
- CVE-2023-1045LOWCVSS 3.8EG 8.12023-02-26
A vulnerability was found in MuYuCMS 2.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin.php/accessory/filesdel.html. The manipulation of the argument filedelur leads to relative p…
- CVE-2023-1109HIGHCVSS 8.8EG 8.82023-04-17
In Phoenix Contacts ENERGY AXC PU Web service an authenticated restricted user of the web frontend can access, read, write and create files throughout the file system using specially crafted URLs via the upload and download functionality o…
- CVE-2023-1112MEDIUMCVSS 4.7EG 9.82023-03-01
A vulnerability was found in Drag and Drop Multiple File Upload Contact Form 7 5.0.6.1 on WordPress. It has been classified as critical. Affected is an unknown function of the file admin-ajax.php. The manipulation of the argument upload_na…
- CVE-2023-1124HIGHCVSS 7.2EG 7.22023-04-03
The Shopping Cart & eCommerce Store WordPress plugin before 5.4.3 does not validate HTTP requests, allowing authenticated users with admin privileges to perform LFI attacks.
- CVE-2023-1134HIGHCVSS 7.1EG 8.82023-03-27
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 are affected by a path traversal vulnerability, which could allow an attacker to read local files, disclose plaintext credentials, and escalate privileges.
- CVE-2023-1142HIGHCVSS 7.5EG 9.82023-03-27
In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use URL decoding to retrieve system files, credentials, and bypass authentication resulting in privilege escalation.
- CVE-2023-1163MEDIUMCVSS 6.5EG 6.52023-03-03
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in DrayTek Vigor 2960 1.5.1.4/1.5.1.5 and classified as critical. Affected by this vulnerability is the function getSyslogFile of the file mainfunction.cgi of the component Web…
- CVE-2023-1177CRITICALCVSS 9.3EG 9.32023-03-24
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1.
- CVE-2023-1183MEDIUMCVSS 5.0EG 5.02023-07-10
A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker.
- CVE-2023-1191MEDIUMCVSS 4.7EG 7.22023-03-06
A vulnerability classified as problematic has been found in fastcms. This affects an unknown part of the file admin/TemplateController.java of the component ZIP File Handler. The manipulation leads to path traversal. It is possible to init…
- CVE-2023-1273HIGHCVSS 8.8EG 8.82023-07-04
The ND Shortcodes WordPress plugin before 7.0 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users such as subscriber to perform LFI attacks
- CVE-2023-1274MEDIUMCVSS 6.5EG 6.52023-04-17
The Pricing Tables For WPBakery Page Builder (formerly Visual Composer) WordPress plugin before 3.0 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated us…
- CVE-2023-1398MEDIUMCVSS 6.3EG 8.82023-03-14
A vulnerability classified as critical was found in XiaoBingBy TeaCMS 2.0. Affected by this vulnerability is an unknown functionality of the file /admin/upload. The manipulation leads to path traversal: '../filedir'. The attack can be laun…
- CVE-2023-1427MEDIUMCVSS 4.9EG 4.92023-04-17
- The Photo Gallery by 10Web WordPress plugin before 1.8.15 did not ensure that uploaded files are kept inside its uploads folder, allowing high privilege users to put images anywhere in the filesystem via a path traversal vector.
- CVE-2023-1467MEDIUMCVSS 6.5EG 9.82023-03-17
A vulnerability classified as critical has been found in SourceCodester Student Study Center Desk Management System 1.0. Affected is an unknown function of the file Master.php?f=delete_img of the component POST Parameter Handler. The manip…
- CVE-2023-1478CRITICALCVSS 9.8EG 9.82023-04-10
The Hummingbird WordPress plugin before 3.4.2 does not validate the generated file path for page cache files before writing them, leading to a path traversal vulnerability in the page cache module.
- CVE-2023-1864MEDIUMCVSS 6.8EG 6.82023-06-07
FANUC ROBOGUIDE-HandlingPRO Versions 9 Rev.ZD and prior is vulnerable to a path traversal, which could allow an attacker to remotely read files on the system running the affected software.
- CVE-2023-1956MEDIUMCVSS 5.4EG 8.82023-04-08
A vulnerability classified as critical was found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=delete_img of the component Image Handler…
- CVE-2023-20066MEDIUMCVSS 6.5EG 6.52023-03-23
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform a directory traversal and access resources that are outside the filesystem mountpoint of the web UI. This vulnerability is due …
- CVE-2023-20077MEDIUMCVSS 4.9EG 4.92023-05-18
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to download arbitrary files from the filesystem of an affected device. These vulnerabiliti…
- CVE-2023-20087MEDIUMCVSS 4.9EG 4.92023-05-18
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to download arbitrary files from the filesystem of an affected device. These vulnerabiliti…
- CVE-2023-20098MEDIUMCVSS 4.4EG 4.42023-05-09
A vulnerability in the CLI of Cisco SDWAN vManage Software could allow an authenticated, local attacker to delete arbitrary files. This vulnerability is due to improper filtering of directory traversal character sequences within system …
- CVE-2023-20129MEDIUMCVSS 6.5EG 6.52023-04-05
Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged information and conduct cross-site script…
- CVE-2023-20166MEDIUMCVSS 6.0EG 6.02023-05-18
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform path traversal attacks on the underlying operating system to either elevate privileges to root or read arbitrary files. To ex…
- CVE-2023-20167MEDIUMCVSS 6.0EG 6.02023-05-18
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform path traversal attacks on the underlying operating system to either elevate privileges to root or read arbitrary files. To ex…
- CVE-2023-20220HIGHCVSS 7.2EG 7.22023-11-01
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. To exploit t…
- CVE-2023-20229HIGHCVSS 7.1EG 7.12023-08-16
A vulnerability in the CryptoService function of Cisco Duo Device Health Application for Windows could allow an authenticated, local attacker with low privileges to conduct directory traversal attacks and overwrite arbitrary files on an af…
Map vulnerabilities like CWE-22 to your infrastructure
EchelonGraph correlates every CVE — across CWE-22 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →