CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Description
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79
CVEs mapped to this weakness (5,488)
page 127 of 275| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-54520 | Med | 0.36 | 5.5 | 0.00 | Jan 27, 2025 | A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. An app may be able to overwrite arbitrary files. | ||
| CVE-2024-57784 | Med | 0.36 | 5.5 | 0.01 | Jan 16, 2025 | An issue in the component /php/script_uploads.php of Zenitel AlphaWeb XE v11.2.3.10 allows attackers to execute a directory traversal. | ||
| CVE-2024-44190 | Med | 0.36 | 5.5 | 0.00 | Sep 17, 2024 | A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An app may be able to read arbitrary files. | ||
| CVE-2024-44167 | Med | 0.36 | 5.5 | 0.01 | Sep 17, 2024 | This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7, visionOS 2. An app may be able to overwrite arbitrary files. | ||
| CVE-2024-27887 | Med | 0.36 | 5.5 | 0.00 | Jul 29, 2024 | A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.4. An app may be able to access user-sensitive data. | ||
| CVE-2024-27871 | Med | 0.36 | 5.5 | 0.00 | Jul 29, 2024 | A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. An app may be able to access protected user data. | ||
| CVE-2024-37437 | Med | 0.36 | 5.5 | 0.00 | Jul 9, 2024 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Elementor Elementor Website Builder elementor.This issue affects Elementor Website Builder: from n/a through <= 3.22.1. | ||
| CVE-2024-27827 | Med | 0.36 | 5.5 | 0.00 | May 14, 2024 | This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.5, macOS Ventura 13.6.7. An app may be able to read arbitrary files. | ||
| CVE-2024-27810 | Med | 0.36 | 5.5 | 0.01 | May 14, 2024 | A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, watchOS 10.5. An app may be able to read sensitive location information. | ||
| CVE-2023-52144 | Med | 0.36 | 5.5 | 0.00 | Apr 15, 2024 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RexTheme Product Feed Manager.This issue affects Product Feed Manager: from n/a through 7.3.15. | ||
| CVE-2023-33544 | — | Med | 0.36 | 5.5 | 0.00 | Jun 1, 2023 | hawtio 2.17.2 is vulnerable to Path Traversal. it is possible to input malicious zip files, which can result in the high-risk files after decompression being stored in any location, even leading to file overwrite. | |
| CVE-2023-0241 | — | Med | 0.36 | 6.5 | 0.09 | Mar 27, 2023 | pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. A user of the product may change another user's settings or alter the database. | |
| CVE-2022-3146 | — | Med | 0.36 | 5.5 | 0.00 | Mar 23, 2023 | A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file. This issue leads to… | |
| CVE-2022-3101 | — | Med | 0.36 | 5.5 | 0.00 | Mar 23, 2023 | A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file, leading to… | |
| CVE-2023-27577 | Med | 0.36 | 6.6 | 0.01 | Mar 10, 2023 | flarum is a forum software package for building communities. In versions prior to 1.7.0 an admin account which has already been compromised by an attacker may use a vulnerability in the `LESS` parser which can be exploited to read sensitive files on the server through the use of… | ||
| CVE-2022-40734 | — | Med | 0.36 | 6.5 | 0.04 | Sep 14, 2022 | UniSharp laravel-filemanager (aka Laravel Filemanager) before 2.6.4 allows download?working_dir=%2F.. directory traversal to read arbitrary files, as exploited in the wild in June 2022. This is related to league/flysystem before 2.0.0. | |
| CVE-2020-6950 | — | Med | 0.36 | 6.5 | 0.10 | Jun 2, 2021 | Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter. | |
| CVE-2020-29556 | — | Med | 0.36 | 5.5 | 0.01 | Mar 15, 2021 | The Backup functionality in Grav CMS through 1.7.0-rc.17 allows an authenticated attacker to read arbitrary local files on the underlying server by exploiting a path-traversal technique. (This vulnerability can also be exploited by an unauthenticated attacker due to a lack of… | |
| CVE-2019-19499 | — | Med | 0.36 | 6.5 | 0.04 | Aug 28, 2020 | Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations. | |
| CVE-2020-9689 | Med | 0.36 | 6.5 | 0.04 | Jul 29, 2020 | Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a path traversal vulnerability. Successful exploitation could lead to arbitrary code execution. |
- risk 0.36cvss 5.5epss 0.00
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. An app may be able to overwrite arbitrary files.
- risk 0.36cvss 5.5epss 0.01
An issue in the component /php/script_uploads.php of Zenitel AlphaWeb XE v11.2.3.10 allows attackers to execute a directory traversal.
- risk 0.36cvss 5.5epss 0.00
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An app may be able to read arbitrary files.
- risk 0.36cvss 5.5epss 0.01
This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7, visionOS 2. An app may be able to overwrite arbitrary files.
- risk 0.36cvss 5.5epss 0.00
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.4. An app may be able to access user-sensitive data.
- risk 0.36cvss 5.5epss 0.00
A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. An app may be able to access protected user data.
- risk 0.36cvss 5.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Elementor Elementor Website Builder elementor.This issue affects Elementor Website Builder: from n/a through <= 3.22.1.
- risk 0.36cvss 5.5epss 0.00
This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.5, macOS Ventura 13.6.7. An app may be able to read arbitrary files.
- risk 0.36cvss 5.5epss 0.01
A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, watchOS 10.5. An app may be able to read sensitive location information.
- risk 0.36cvss 5.5epss 0.00
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RexTheme Product Feed Manager.This issue affects Product Feed Manager: from n/a through 7.3.15.
- risk 0.36cvss 5.5epss 0.00
hawtio 2.17.2 is vulnerable to Path Traversal. it is possible to input malicious zip files, which can result in the high-risk files after decompression being stored in any location, even leading to file overwrite.
- risk 0.36cvss 6.5epss 0.09
pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. A user of the product may change another user's settings or alter the database.
- risk 0.36cvss 5.5epss 0.00
A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file. This issue leads to…
- risk 0.36cvss 5.5epss 0.00
A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file, leading to…
- risk 0.36cvss 6.6epss 0.01
flarum is a forum software package for building communities. In versions prior to 1.7.0 an admin account which has already been compromised by an attacker may use a vulnerability in the `LESS` parser which can be exploited to read sensitive files on the server through the use of…
- risk 0.36cvss 6.5epss 0.04
UniSharp laravel-filemanager (aka Laravel Filemanager) before 2.6.4 allows download?working_dir=%2F.. directory traversal to read arbitrary files, as exploited in the wild in June 2022. This is related to league/flysystem before 2.0.0.
- risk 0.36cvss 6.5epss 0.10
Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter.
- risk 0.36cvss 5.5epss 0.01
The Backup functionality in Grav CMS through 1.7.0-rc.17 allows an authenticated attacker to read arbitrary local files on the underlying server by exploiting a path-traversal technique. (This vulnerability can also be exploited by an unauthenticated attacker due to a lack of…
- risk 0.36cvss 6.5epss 0.04
Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations.
- risk 0.36cvss 6.5epss 0.04
Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a path traversal vulnerability. Successful exploitation could lead to arbitrary code execution.