CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Description
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79
CVEs mapped to this weakness (3,730)
page 127 of 187| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2009-4315 | 0.03 | — | 0.02 | Dec 14, 2009 | Directory traversal vulnerability in admin/ajaxsave.php in Nuggetz CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to create or modify arbitrary files via a .. (dot dot) in the nugget parameter and a modified pagevalue parameter, as demonstrated by creating and accessing a .php file to execute arbitrary PHP code. | ||
| CVE-2009-4231 | 0.03 | — | 0.01 | Dec 8, 2009 | Directory traversal vulnerability in as/lib/plugins.php in SweetRice 0.5.3 and earlier allows remote attackers to include and execute arbitrary local files via .. (dot dot) in the plugin parameter. | ||
| CVE-2009-4216 | 0.03 | — | 0.02 | Dec 7, 2009 | Directory traversal vulnerability in funzioni/lib/menulast.php in klinza professional cms 5.0.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG parameter. | ||
| CVE-2009-4205 | 0.03 | — | 0.02 | Dec 4, 2009 | Directory traversal vulnerability in admin.php in Flashlight Free Edition allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter. | ||
| CVE-2009-4202 | 0.03 | — | 0.05 | Dec 4, 2009 | Directory traversal vulnerability in the Omilen Photo Gallery (com_omphotogallery) component Beta 0.5 for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter to index.php. | ||
| CVE-2009-4192 | 0.03 | — | 0.01 | Dec 3, 2009 | Directory traversal vulnerability in dialog/file_manager.php in Interspire Knowledge Manager 5 allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||
| CVE-2009-4154 | 0.03 | — | 0.02 | Dec 2, 2009 | Directory traversal vulnerability in includes/feedcreator.class.php in Elxis CMS allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter. | ||
| CVE-2009-3898 | 0.03 | — | 0.01 | Nov 24, 2009 | Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination HTTP header for the WebDAV (1) COPY or (2) MOVE method. | ||
| CVE-2009-4056 | 0.03 | — | 0.03 | Nov 24, 2009 | Directory traversal vulnerability in admin/popup.php in Betsy CMS 3.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the popup parameter. | ||
| CVE-2009-4050 | 0.03 | — | 0.01 | Nov 23, 2009 | Directory traversal vulnerability in get_file.php in phpMyBackupPro 2.1 allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||
| CVE-2009-3912 | 0.03 | — | 0.03 | Nov 9, 2009 | Directory traversal vulnerability in index.php in TFTgallery 0.13 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the album parameter. | ||
| CVE-2009-3825 | 0.03 | — | 0.02 | Oct 28, 2009 | Multiple directory traversal vulnerabilities in GenCMS 2006 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) p parameter to show.php and the (2) Template parameter to admin/pages/SiteNew.php. | ||
| CVE-2009-3824 | 0.03 | — | 0.02 | Oct 28, 2009 | Directory traversal vulnerability in include/processor.php in Greenwood PHP Content Manager 0.3.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the content_path parameter. | ||
| CVE-2009-3823 | 0.03 | — | 0.01 | Oct 28, 2009 | Directory traversal vulnerability in myhtml.php in Mobilelib GOLD 3.0, when magic_quotes_gpc is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the GLOBALS[page] parameter. | ||
| CVE-2009-3787 | 0.03 | — | 0.04 | Oct 26, 2009 | files.php in Vivvo CMS 4.1.5.1 allows remote attackers to conduct directory traversal attacks and read arbitrary files via the file parameter with "logs/" in between two . (dot) characters, which is filtered into a "../" sequence. | ||
| CVE-2009-3625 | 0.03 | — | 0.06 | Oct 26, 2009 | Directory traversal vulnerability in www/index.php in Sahana 0.6.2.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod parameter. | ||
| CVE-2009-1479 | 0.03 | — | 0.02 | Oct 22, 2009 | Directory traversal vulnerability in client/desktop/default.htm in Boxalino before 09.05.25-0421 allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter. | ||
| CVE-2009-3694 | 0.03 | — | 0.01 | Oct 13, 2009 | Directory traversal vulnerability in config/config.php in ezRecipe-Zee 91, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cfg[prePath] parameter. | ||
| CVE-2009-3664 | 0.03 | — | 0.02 | Oct 11, 2009 | Multiple directory traversal vulnerabilities in index.php in Nullam Blog 0.1.2 allow remote attackers to include or execute arbitrary files via a .. (dot dot) in the (1) p and (2) s parameters. | ||
| CVE-2009-3561 | 0.03 | — | 0.01 | Oct 5, 2009 | Directory traversal vulnerability in Xerver HTTP Server 4.32 allows remote attackers to read arbitrary files via a full pathname with a drive letter in the currentPath parameter in a chooseDirectory action. |
- CVE-2009-4315Dec 14, 2009risk 0.03cvss —epss 0.02
Directory traversal vulnerability in admin/ajaxsave.php in Nuggetz CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to create or modify arbitrary files via a .. (dot dot) in the nugget parameter and a modified pagevalue parameter, as demonstrated by creating and accessing a .php file to execute arbitrary PHP code.
- CVE-2009-4231Dec 8, 2009risk 0.03cvss —epss 0.01
Directory traversal vulnerability in as/lib/plugins.php in SweetRice 0.5.3 and earlier allows remote attackers to include and execute arbitrary local files via .. (dot dot) in the plugin parameter.
- CVE-2009-4216Dec 7, 2009risk 0.03cvss —epss 0.02
Directory traversal vulnerability in funzioni/lib/menulast.php in klinza professional cms 5.0.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG parameter.
- CVE-2009-4205Dec 4, 2009risk 0.03cvss —epss 0.02
Directory traversal vulnerability in admin.php in Flashlight Free Edition allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter.
- CVE-2009-4202Dec 4, 2009risk 0.03cvss —epss 0.05
Directory traversal vulnerability in the Omilen Photo Gallery (com_omphotogallery) component Beta 0.5 for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter to index.php.
- CVE-2009-4192Dec 3, 2009risk 0.03cvss —epss 0.01
Directory traversal vulnerability in dialog/file_manager.php in Interspire Knowledge Manager 5 allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
- CVE-2009-4154Dec 2, 2009risk 0.03cvss —epss 0.02
Directory traversal vulnerability in includes/feedcreator.class.php in Elxis CMS allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.
- CVE-2009-3898Nov 24, 2009risk 0.03cvss —epss 0.01
Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination HTTP header for the WebDAV (1) COPY or (2) MOVE method.
- CVE-2009-4056Nov 24, 2009risk 0.03cvss —epss 0.03
Directory traversal vulnerability in admin/popup.php in Betsy CMS 3.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the popup parameter.
- CVE-2009-4050Nov 23, 2009risk 0.03cvss —epss 0.01
Directory traversal vulnerability in get_file.php in phpMyBackupPro 2.1 allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
- CVE-2009-3912Nov 9, 2009risk 0.03cvss —epss 0.03
Directory traversal vulnerability in index.php in TFTgallery 0.13 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the album parameter.
- CVE-2009-3825Oct 28, 2009risk 0.03cvss —epss 0.02
Multiple directory traversal vulnerabilities in GenCMS 2006 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) p parameter to show.php and the (2) Template parameter to admin/pages/SiteNew.php.
- CVE-2009-3824Oct 28, 2009risk 0.03cvss —epss 0.02
Directory traversal vulnerability in include/processor.php in Greenwood PHP Content Manager 0.3.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the content_path parameter.
- CVE-2009-3823Oct 28, 2009risk 0.03cvss —epss 0.01
Directory traversal vulnerability in myhtml.php in Mobilelib GOLD 3.0, when magic_quotes_gpc is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the GLOBALS[page] parameter.
- CVE-2009-3787Oct 26, 2009risk 0.03cvss —epss 0.04
files.php in Vivvo CMS 4.1.5.1 allows remote attackers to conduct directory traversal attacks and read arbitrary files via the file parameter with "logs/" in between two . (dot) characters, which is filtered into a "../" sequence.
- CVE-2009-3625Oct 26, 2009risk 0.03cvss —epss 0.06
Directory traversal vulnerability in www/index.php in Sahana 0.6.2.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod parameter.
- CVE-2009-1479Oct 22, 2009risk 0.03cvss —epss 0.02
Directory traversal vulnerability in client/desktop/default.htm in Boxalino before 09.05.25-0421 allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter.
- CVE-2009-3694Oct 13, 2009risk 0.03cvss —epss 0.01
Directory traversal vulnerability in config/config.php in ezRecipe-Zee 91, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cfg[prePath] parameter.
- CVE-2009-3664Oct 11, 2009risk 0.03cvss —epss 0.02
Multiple directory traversal vulnerabilities in index.php in Nullam Blog 0.1.2 allow remote attackers to include or execute arbitrary files via a .. (dot dot) in the (1) p and (2) s parameters.
- CVE-2009-3561Oct 5, 2009risk 0.03cvss —epss 0.01
Directory traversal vulnerability in Xerver HTTP Server 4.32 allows remote attackers to read arbitrary files via a full pathname with a drive letter in the currentPath parameter in a chooseDirectory action.