VYPR

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

BaseStableLikelihood: High

Description

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79

CVEs mapped to this weakness (5,488)

page 127 of 275
  • CVE-2024-54520MedJan 27, 2025
    risk 0.36cvss 5.5epss 0.00

    A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. An app may be able to overwrite arbitrary files.

  • CVE-2024-57784MedJan 16, 2025
    risk 0.36cvss 5.5epss 0.01

    An issue in the component /php/script_uploads.php of Zenitel AlphaWeb XE v11.2.3.10 allows attackers to execute a directory traversal.

  • CVE-2024-44190MedSep 17, 2024
    risk 0.36cvss 5.5epss 0.00

    A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An app may be able to read arbitrary files.

  • CVE-2024-44167MedSep 17, 2024
    risk 0.36cvss 5.5epss 0.01

    This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7, visionOS 2. An app may be able to overwrite arbitrary files.

  • CVE-2024-27887MedJul 29, 2024
    risk 0.36cvss 5.5epss 0.00

    A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.4. An app may be able to access user-sensitive data.

  • CVE-2024-27871MedJul 29, 2024
    risk 0.36cvss 5.5epss 0.00

    A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. An app may be able to access protected user data.

  • CVE-2024-37437MedJul 9, 2024
    risk 0.36cvss 5.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Elementor Elementor Website Builder elementor.This issue affects Elementor Website Builder: from n/a through <= 3.22.1.

  • CVE-2024-27827MedMay 14, 2024
    risk 0.36cvss 5.5epss 0.00

    This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.5, macOS Ventura 13.6.7. An app may be able to read arbitrary files.

  • CVE-2024-27810MedMay 14, 2024
    risk 0.36cvss 5.5epss 0.01

    A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, watchOS 10.5. An app may be able to read sensitive location information.

  • CVE-2023-52144MedApr 15, 2024
    risk 0.36cvss 5.5epss 0.00

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RexTheme Product Feed Manager.This issue affects Product Feed Manager: from n/a through 7.3.15.

  • CVE-2023-33544MedJun 1, 2023
    risk 0.36cvss 5.5epss 0.00

    hawtio 2.17.2 is vulnerable to Path Traversal. it is possible to input malicious zip files, which can result in the high-risk files after decompression being stored in any location, even leading to file overwrite.

  • CVE-2023-0241MedMar 27, 2023
    risk 0.36cvss 6.5epss 0.09

    pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. A user of the product may change another user's settings or alter the database.

  • CVE-2022-3146MedMar 23, 2023
    risk 0.36cvss 5.5epss 0.00

    A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file. This issue leads to…

  • CVE-2022-3101MedMar 23, 2023
    risk 0.36cvss 5.5epss 0.00

    A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file, leading to…

  • CVE-2023-27577MedMar 10, 2023
    risk 0.36cvss 6.6epss 0.01

    flarum is a forum software package for building communities. In versions prior to 1.7.0 an admin account which has already been compromised by an attacker may use a vulnerability in the `LESS` parser which can be exploited to read sensitive files on the server through the use of…

  • CVE-2022-40734MedSep 14, 2022
    risk 0.36cvss 6.5epss 0.04

    UniSharp laravel-filemanager (aka Laravel Filemanager) before 2.6.4 allows download?working_dir=%2F.. directory traversal to read arbitrary files, as exploited in the wild in June 2022. This is related to league/flysystem before 2.0.0.

  • CVE-2020-6950MedJun 2, 2021
    risk 0.36cvss 6.5epss 0.10

    Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter.

  • CVE-2020-29556MedMar 15, 2021
    risk 0.36cvss 5.5epss 0.01

    The Backup functionality in Grav CMS through 1.7.0-rc.17 allows an authenticated attacker to read arbitrary local files on the underlying server by exploiting a path-traversal technique. (This vulnerability can also be exploited by an unauthenticated attacker due to a lack of…

  • CVE-2019-19499MedAug 28, 2020
    risk 0.36cvss 6.5epss 0.04

    Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations.

  • CVE-2020-9689MedJul 29, 2020
    risk 0.36cvss 6.5epss 0.04

    Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a path traversal vulnerability. Successful exploitation could lead to arbitrary code execution.