• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-22

CVE-2022-0665

February 23, 2023 by

Path Traversal in GitHub repository pimcore/pimcore prior to 10.3.2.

CVE-2022-0493

February 23, 2023 by

The String locator WordPress plugin before 2.5.0 does not properly validate the path of the files to be searched, allowing high privilege users such as admin to query arbitrary files on the web server via a path traversal vector. Furthermore, due to a flaw in the search, allowing a pattern to be provided, which will be used to output the relevant matches from the matching file, all content of the file can be disclosed.

CVE-2022-0401

February 23, 2023 by

Path Traversal in NPM w-zip prior to 1.0.12.

CVE-2022-0436

February 23, 2023 by

Path Traversal in GitHub repository gruntjs/grunt prior to 1.5.2.

CVE-2022-0320

February 23, 2023 by

The Essential Addons for Elementor WordPress plugin before 5.0.5 does not validate and sanitise some template data before it them in include statements, which could allow unauthenticated attackers to perform Local File Inclusion attack and read arbitrary files on the server, this could also lead to RCE via user uploaded files or other LFI to RCE techniques.

CVE-2022-0223

February 23, 2023 by

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability exists that could allow an attacker to create or overwrite critical files that are used to execute code, such as programs or libraries and cause unauthenticated code execution. Affected Products: EcoStruxure Power Commission (Versions prior to V2.22)

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 508
  • Go to page 509
  • Go to page 510
  • Go to page 511
  • Go to page 512
  • Interim pages omitted …
  • Go to page 514
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE