CWE-22— Path Traversal
8,242 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-22page 39 of 165
- CVE-2017-16133HIGHCVSS 7.5EG 7.52018-06-07
goserv is an http server. goserv is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16134HIGHCVSS 7.5EG 7.52018-06-07
http_static_simple is an http server. http_static_simple is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16135HIGHCVSS 7.5EG 7.52018-06-07
serverzyy is a static file server. serverzyy is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16139HIGHCVSS 7.5EG 7.52018-06-07
jikes is a file server. jikes is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Accessible files are restricted to files with .htm and .js extensions.
- CVE-2017-16140HIGHCVSS 7.5EG 7.52018-06-07
lab6.brit95 is a file server. lab6.brit95 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16141HIGHCVSS 7.5EG 7.52018-06-07
lab6drewfusbyu is an http server. lab6drewfusbyu is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16142HIGHCVSS 7.5EG 7.52018-06-07
infraserver is a RESTful server. infraserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16143HIGHCVSS 7.5EG 7.52018-06-07
commentapp.stetsonwood is an http server. commentapp.stetsonwood is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16144HIGHCVSS 7.5EG 7.52018-06-07
myserver.alexcthomas18 is a file server. myserver.alexcthomas18 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16145HIGHCVSS 7.5EG 7.52018-06-07
sspa is a server dedicated to single-page apps. sspa is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16146HIGHCVSS 7.5EG 7.52018-06-07
mockserve is a file server. mockserve is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16147HIGHCVSS 7.5EG 7.52018-06-07
shit-server is a file server. shit-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16148HIGHCVSS 7.5EG 7.52018-06-07
serve46 is a static file server. serve46 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16149HIGHCVSS 7.5EG 7.52018-06-07
zwserver is a weather web server. zwserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16150HIGHCVSS 7.5EG 7.52018-06-07
wanggoujing123 is a simple webserver. wanggoujing123 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16152HIGHCVSS 7.5EG 7.52018-06-07
static-html-server is a static file server. static-html-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16153HIGHCVSS 7.5EG 7.52018-05-29
gaoxuyan is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16154HIGHCVSS 7.5EG 7.52018-06-07
earlybird is a web server module for early development. earlybird is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16155HIGHCVSS 7.5EG 7.52018-06-07
fast-http-cli is the command line interface for fast-http, a simple web server. fast-http-cli is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16156HIGHCVSS 7.5EG 7.52018-06-07
myprolyz is a static file server. myprolyz is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16157HIGHCVSS 7.5EG 7.52018-06-07
censorify.tanisjr is a simple web server and API RESTful service. censorify.tanisjr is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16158HIGHCVSS 7.5EG 7.52018-06-07
dcserver is a static file server. dcserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16159HIGHCVSS 7.5EG 7.52018-06-07
caolilinode is a simple file server. caolilinode is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16160HIGHCVSS 7.5EG 7.52018-06-07
11xiaoli is a simple file server. 11xiaoli is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16161HIGHCVSS 7.5EG 7.52018-06-07
shenliru is a simple file server. shenliru is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16162HIGHCVSS 7.5EG 7.52018-06-07
22lixian is a simple file server. 22lixian is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16163HIGHCVSS 7.5EG 7.52018-06-07
dylmomo is a simple file server. dylmomo is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16164HIGHCVSS 7.5EG 7.52018-06-07
desafio is a simple web server. desafio is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url, but is limited to accessing only .html files.
- CVE-2017-16165HIGHCVSS 7.5EG 7.52018-06-07
calmquist.static-server is a static file server. calmquist.static-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16166HIGHCVSS 7.5EG 7.52018-06-07
byucslabsix is an http server. byucslabsix is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16167HIGHCVSS 7.5EG 7.52018-06-07
yyooopack is a simple file server. yyooopack is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16168HIGHCVSS 7.5EG 7.52018-06-07
wffserve is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16169HIGHCVSS 7.5EG 7.52018-06-07
looppake is a simple http server. looppake is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16170HIGHCVSS 7.5EG 7.52018-06-07
liuyaserver is a static file server. liuyaserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16171HIGHCVSS 7.5EG 7.52018-06-07
hcbserver is a static file server. hcbserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16172HIGHCVSS 7.5EG 7.52018-06-07
section2.madisonjbrooks12 is a simple web server. section2.madisonjbrooks12 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16173HIGHCVSS 7.5EG 7.52018-06-07
utahcityfinder constructs lists of Utah cities with a certain prefix. utahcityfinder is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16174HIGHCVSS 7.5EG 7.52018-06-07
whispercast is a file server. whispercast is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16175HIGHCVSS 7.5EG 7.52018-06-07
ewgaddis.lab6 is a file server. ewgaddis.lab6 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16176HIGHCVSS 7.5EG 7.52018-06-07
jansenstuffpleasework is a file server. jansenstuffpleasework is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16177HIGHCVSS 7.5EG 7.52018-06-07
chatbyvista is a file server. chatbyvista is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16178HIGHCVSS 7.5EG 7.52018-06-07
intsol-package is a file server. intsol-package is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16179MEDIUMCVSS 5.3EG 5.32018-06-07
dasafio is a web server. dasafio is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. File access is restricted to only .html files.
- CVE-2017-16180HIGHCVSS 7.5EG 7.52018-06-07
serverabc is a static file server. serverabc is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16181HIGHCVSS 7.5EG 7.52018-06-07
wintiwebdev is a static file server. wintiwebdev is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16182HIGHCVSS 7.5EG 7.52018-06-07
serverxxx is a static file server. serverxxx is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16183HIGHCVSS 7.5EG 7.52018-06-07
iter-server is a static file server. iter-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16184HIGHCVSS 7.5EG 7.52018-06-07
scott-blanch-weather-app is a sample Node.js app using Express 4. scott-blanch-weather-app is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16185HIGHCVSS 7.5EG 7.52018-06-07
uekw1511server is a static file server. uekw1511server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
- CVE-2017-16186HIGHCVSS 7.5EG 7.52018-06-07
360class.jansenhm is a static file server. 360class.jansenhm is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Map vulnerabilities like CWE-22 to your infrastructure
EchelonGraph correlates every CVE — across CWE-22 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →