Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-22 (对路径名的限制不恰当(路径遍历)) — Vulnerability Class 3364

3364 vulnerabilities classified as CWE-22 (对路径名的限制不恰当(路径遍历)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-39621 WordPress ListingPro plugin <= 2.9.4 - Local File Inclusion vulnerability — ListingPro 8.0 High2024-08-01
CVE-2024-39624 WordPress ListingPro theme <= 2.9.4 - Local File Inclusion vulnerability — ListingPro 8.5 High2024-08-01
CVE-2024-7340 W&B Weave server remote arbitrary file leak and privilege escalation 8.8 High2024-07-31
CVE-2024-37129 Dell Inventory Collector 安全漏洞 — Dell Inventory Collector 6.7 Medium2024-07-31
CVE-2024-6255 Path Traversal in gaizhenbiao/chuanhuchatgpt — gaizhenbiao/chuanhuchatgpt 8.2 High2024-07-31
CVE-2024-41695 Cybonet - CWE-22: Improper Limitation of a Pathname to a Restricted Directory — PineApp Mail Relay 7.5 High2024-07-30
CVE-2024-7248 Comodo Internet Security Pro Directory Traversal Local Privilege Escalation Vulnerability — Internet Security Pro 7.8AIHighAI2024-07-29
CVE-2024-41799 tgstation-server's DreamMaker environment files outside the deployment directory can be compiled and ran by insufficiently permissioned users — tgstation-server 8.4 High2024-07-29
CVE-2024-6885 MaxiBlocks: 2200+ Patterns, 190 Pages, 14.2K Icons & 100 Styles <= 1.9.2 - Authenticated (Subscriber+) Arbitrary File Deletion — MaxiBlocks Builder | 17,000+ Design Assets, Patterns, Icons & Starter Sites 8.1 High2024-07-23
CVE-2024-6791 Directory Path Traversal Vulnerability in NI VeriStand with vsmodel Files — VeriStand 7.8 High2024-07-22
CVE-2024-39688 fishaudio/Bert-VITS2 Limited File Write in webui_preprocess.py generate_config function — Bert-VITS2 6.5 Medium2024-07-22
CVE-2024-6949 Gargaj wuhu path traversal — wuhu 4.3 Medium2024-07-21
CVE-2024-3934 Mercado Pago payments for WooCommerce 7.3.0 - 7.6.1 - Authenticated (Subscriber+) Arbitrary File Download — Mercado Pago payments for WooCommerce 6.5 Medium2024-07-20
CVE-2024-6281 Path Traversal in parisneo/lollms — parisneo/lollms 7.5 -2024-07-20
CVE-2024-40628 Arbitrary File Read in Ansible Playbooks in Jumpserver — jumpserver 10.0 Critical2024-07-18
CVE-2024-40629 Arbitrary File Write in Ansible Playbooks leads to RCE in Jumpserver — jumpserver 10.0 Critical2024-07-18
CVE-2024-23467 SolarWinds Access Rights Manager Directory Traversal Remote Code Execution Vulnerability — Access Rights Manager 9.6 Critical2024-07-17
CVE-2024-23466 SolarWinds Access Rights Manager Directory Traversal Remote Code Execution Vulnerability — Access Rights Manager 9.6 Critical2024-07-17
CVE-2024-23475 SolarWinds Access Rights Manager Directory Traversal and Information Disclosure Vulnerability — Access Rights Manager 9.6 Critical2024-07-17
CVE-2024-23472 SolarWinds Access Rights Manager Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability — Access Rights Manager 9.6 Critical2024-07-17
CVE-2024-28993 SolarWinds Access Rights Manager Directory Traversal and Information Disclosure Vulnerability — Access Rights Manager 7.6 High2024-07-17
CVE-2024-23468 SolarWinds Access Rights Manager Directory Traversal and Information Disclosure Vulnerability — Access Rights Manager 7.6 High2024-07-17
CVE-2024-23474 SolarWinds Access Rights Manager (ARM) deleteTransferFile Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability — Access Rights Manager 7.6 High2024-07-17
CVE-2024-5852 WordPress File Upload <= 4.24.7 - Authenticated (Contributor+) Directory Traversal — Iptanus File Upload 4.3 Medium2024-07-16
CVE-2024-39918 Path Traveral in @jmondi/url-to-png — url-to-png 4.3 Medium2024-07-15
CVE-2024-39741 IBM Datacap Navigator directory traversal — Datacap Navigator 4.3 Medium2024-07-15
CVE-2024-38717 WordPress Booking Ultra Pro Appointments Booking Calendar plugin <= 1.1.13 - Local File Inclusion vulnerability — Booking Ultra Pro 7.1 High2024-07-12
CVE-2024-38716 WordPress Events Calendar for Google plugin <= 2.1.0 - Local File Inclusion vulnerability — Events Calendar for Google 6.5 Medium2024-07-12
CVE-2024-39903 Local File Inclusion in Solara — solara 8.6 High2024-07-12
CVE-2024-38715 WordPress ExS Widgets plugin <= 0.3.1 - Local File Inclusion vulnerability — ExS Widgets 6.5 Medium2024-07-12

Vulnerabilities classified as CWE-22 (对路径名的限制不恰当(路径遍历)) represent 3364 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.