CWE-22 (对路径名的限制不恰当(路径遍历)) — Vulnerability Class 3363

3363 vulnerabilities classified as CWE-22 (对路径名的限制不恰当(路径遍历)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-2270	Local privilege escalation — Netskope Client	7.0	High	2023-06-15
CVE-2023-3241	OTCMS path traversal — OTCMS	3.5	Low	2023-06-14
CVE-2023-2278	WP Directory Kit <= 1.1.9 - Unauthenticated Local File Inclusion via wdk_public_action — WP Directory Kit	9.8	Critical	2023-06-13
CVE-2023-34342	BMC AMI 路径遍历漏洞 — MegaRAC_SPx	6.0	Medium	2023-06-12
CVE-2023-34345	BMC AMI 路径遍历漏洞 — MegaRAC_SPx	6.5	Medium	2023-06-12
CVE-2023-2688	WordPress File Upload / WordPress File Upload Pro <= 4.19.1 - Authenticated (Administrator+) Path Traversal — Iptanus File Upload	4.9	Medium	2023-06-09
CVE-2023-3172	Path Traversal in froxlor/froxlor — froxlor/froxlor	2.7	-	2023-06-09
CVE-2023-34096	Thruk has Path Traversal Vulnerability in panorama.pm — Thruk	6.5	Medium	2023-06-08
CVE-2023-34238	Local File Inclusion vulnerability in Gatsby — gatsby	4.3	Medium	2023-06-07
CVE-2023-29502	PTC Vuforia Studio Path Traversal — Vuforia Studio	6.2	Medium	2023-06-07
CVE-2023-1864	FANUC ROBOGUIDE-HandlingPRO Path Traversal — ROBOGUIDE-HandlingPRO	6.8	Medium	2023-06-07
CVE-2020-36728	Adning Advertising <= 1.5.5 - Unauthenticated Arbitrary File Deletion via Path Traversal — Adning Advertising	6.5	Medium	2023-06-07
CVE-2023-3031	Prestahop module King-Avis - Path traversal — King-Avis	4.9	Medium	2023-06-02
CVE-2023-2909	A Directory traversal vulnerability was found on EZ Sync service of ADM — ADM	8.5	High	2023-05-31
CVE-2023-2435	Blog-in-Blog <= 2.0.0 - Authenticated (Editor+) Local File Inclusion via Shortcode — Blog-in-Blog	7.2	High	2023-05-31
CVE-2023-33177	Xibo CMS vulnerable to Remote Code Execution through Zip Slip — xibo-cms	8.8	High	2023-05-30
CVE-2023-32676	Autolab tar slip in Install Assessment functionality (`GHSL-2023-081`) — Autolab	6.7	Medium	2023-05-26
CVE-2023-32317	Autolab tar slip in cheat checker functionality (`GHSL-2023-082`) — Autolab	6.7	Medium	2023-05-26
CVE-2023-32315	Openfire administration console authentication bypass — Openfire	8.6	High	2023-05-26
CVE-2022-36328	Path Traversal Vulnerability leading to an arbitrary file read in Western Digital devices — My Cloud Home and My Cloud Home Duo	5.8	Medium	2023-05-18
CVE-2022-36327	Path traversal vulnerability leading to an arbitrary file write in Western Digital devices — My Cloud Home and My Cloud Home Duo	5.8	Medium	2023-05-18
CVE-2023-32322	Arbitrary file read in Ombi — Ombi	4.9	Medium	2023-05-18
CVE-2023-2745	WordPress Core < 6.2.1 - Directory Traversal — WordPress	5.4	Medium	2023-05-17
CVE-2023-2196	Missing permission checks in Code Dx Plugin — Jenkins Code Dx Plugin	4.3	Medium	2023-05-16
CVE-2023-31131	Arbitrary File Write when Extracting Tarballs in greenplum-db — gpdb	7.4	High	2023-05-15
CVE-2023-32309	Arbitrary file inclusion with the pymdowm-snippets extension — pymdown-extensions	7.5	High	2023-05-15
CVE-2023-31166	Improper Limitation of a Pathname to a Restricted Directory — SEL-3505	4.1	Medium	2023-05-10
CVE-2023-26126	m.static 路径遍历漏洞 — m.static	7.5	High	2023-05-10
CVE-2023-29128	Siemens SIMATIC Cloud Connect 路径遍历漏洞 — SIMATIC Cloud Connect 7 CC712	3.8	Low	2023-05-09
CVE-2023-29104	Siemens SIMATIC Cloud Connect 路径遍历漏洞 — SIMATIC Cloud Connect 7 CC712	6.0	Medium	2023-05-09

Vulnerabilities classified as CWE-22 (对路径名的限制不恰当(路径遍历)) represent 3363 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-22 (对路径名的限制不恰当(路径遍历)) — Vulnerability Class 3363