VYPR

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

BaseStableLikelihood: High

Description

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79

CVEs mapped to this weakness (5,488)

page 109 of 275
  • CVE-2017-3188MedJul 24, 2018
    risk 0.42cvss 6.5epss 0.03

    The dotCMS administration panel, versions 3.7.1 and earlier, "Push Publishing" feature in Enterprise Pro is vulnerable to path traversal. When "Bundle" tar.gz archives uploaded to the Push Publishing feature are decompressed, the filenames of its contents are not properly…

  • CVE-2018-14371HigJul 18, 2018
    risk 0.42cvss 7.5epss 0.04

    The getLocalePrefix function in ResourceManager.java in Eclipse Mojarra before 2.3.7 is affected by Directory Traversal via the loc parameter. A remote attacker can download configuration files or Java bytecodes from applications.

  • CVE-2018-14363HigJul 17, 2018
    risk 0.42cvss 7.5epss 0.02

    An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does not properly restrict '/' characters that may have unsafe interaction with cache pathnames.

  • CVE-2018-7770MedJul 3, 2018
    risk 0.42cvss 6.5epss 0.01

    The vulnerability exists within processing of sendmail.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The applet allows callers to select arbitrary files to send to an arbitrary email address.

  • CVE-2017-16859MedJun 28, 2018
    risk 0.42cvss 6.5epss 0.03

    The review attachment resource in Atlassian Fisheye and Crucible before version 4.3.2, from version 4.4.0 before 4.4.3 and before version 4.5.0 allows remote attackers to read files contained within context path of the running application through a path traversal vulnerability…

  • CVE-2018-12560MedJun 19, 2018
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. Arbitrary unmounts can be performed by regular users via directory traversal sequences such as a home/../sys/kernel substring.

  • CVE-2018-12530MedJun 18, 2018
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in MetInfo 6.0.0. admin/app/batch/csvup.php allows remote attackers to delete arbitrary files via a flienamecsv=../ directory traversal. This can be exploited via CSRF.

  • CVE-2018-12494MedJun 15, 2018
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in PublicCMS V4.0.20180210. There is a "Directory Traversal" and "Arbitrary file read" vulnerability via an admin/cmsTemplate/content.html?path=../ URI.

  • CVE-2018-12493MedJun 15, 2018
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in PublicCMS V4.0.20180210. There is a "Directory Traversal" and "Arbitrary file read" vulnerability via an admin/cmsWebFile/list.html?path=../ URI.

  • CVE-2018-3732HigJun 7, 2018
    risk 0.42cvss 7.5epss 0.02

    resolve-path node module before 1.4.0 suffers from a Path Traversal vulnerability due to lack of validation of paths with certain special characters, which allows a malicious user to read content of any file with known path.

  • CVE-2018-3731HigJun 7, 2018
    risk 0.42cvss 7.5epss 0.02

    public node module suffers from a Path Traversal vulnerability due to lack of validation of filePath, which allows a malicious user to read content of any file with known path.

  • CVE-2018-3729HigJun 7, 2018
    risk 0.42cvss 7.5epss 0.02

    localhost-now node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path.

  • CVE-2017-16083HigJun 7, 2018
    risk 0.42cvss 7.5epss 0.02

    node-simple-router is a minimalistic router for Node. node-simple-router is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.

  • CVE-2018-10057MedJun 5, 2018
    risk 0.42cvss 6.5epss 0.02

    The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions (absolute directory traversal).

  • CVE-2017-0930MedJun 4, 2018
    risk 0.42cvss 6.5epss 0.01

    augustine node module suffers from a Path Traversal vulnerability due to lack of validation of url, which allows a malicious user to read content of any file with known path.

  • CVE-2018-3733HigMay 29, 2018
    risk 0.42cvss 7.5epss 0.02

    crud-file-server node module before 0.9.0 suffers from a Path Traversal vulnerability due to incorrect validation of url, which allows a malicious user to read content of any file with known path.

  • CVE-2014-10068HigMay 29, 2018
    risk 0.42cvss 7.5epss 0.02

    The inert directory handler in inert node module before 1.1.1 always allows files in hidden directories to be served, even when `showHidden` is false.

  • CVE-2018-11413MedMay 24, 2018
    risk 0.42cvss 6.5epss 0.02

    An issue was discovered in BearAdmin 0.5. Remote attackers can download arbitrary files via /admin/databack/download.html?name= directory traversal sequences, as demonstrated by name=../application/database.php to read the MySQL credentials in the configuration.

  • CVE-2018-11344MedMay 22, 2018
    risk 0.42cvss 6.5epss 0.01

    A path traversal vulnerability in download.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to arbitrarily specify a file on the system to download via the file1 parameter.

  • CVE-2018-0323MedMay 17, 2018
    risk 0.42cvss 6.5epss 0.02

    A vulnerability in the web management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to conduct a path traversal attack on a targeted system. The vulnerability is due to insufficient validation of web request…