CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Description
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79
CVEs mapped to this weakness (3,719)
page 138 of 186| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2008-5598 | 0.03 | — | 0.04 | Dec 16, 2008 | Directory traversal vulnerability in index.php in PHPmyGallery 1.51 gold allows remote attackers to list arbitrary directories via a .. (dot dot) in the group parameter. | ||
| CVE-2008-5594 | 0.03 | — | 0.04 | Dec 16, 2008 | Multiple directory traversal vulnerabilities in index.php in Mini Blog 1.0.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) page and (2) admin parameters. | ||
| CVE-2008-5593 | 0.03 | — | 0.04 | Dec 16, 2008 | Multiple directory traversal vulnerabilities in index.php in Mini CMS 1.0.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) page and (2) admin parameters. | ||
| CVE-2008-5587 | 0.03 | — | 0.02 | Dec 16, 2008 | Directory traversal vulnerability in libraries/lib.inc.php in phpPgAdmin 4.2.1 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the _language parameter to index.php. | ||
| CVE-2008-5579 | 0.03 | — | 0.04 | Dec 15, 2008 | Absolute path traversal vulnerability in mini-pub.php/front-end/cat.php in mini-pub 0.3 allows remote attackers to read arbitrary files via a full pathname in the sFileName parameter. | ||
| CVE-2008-5418 | 0.03 | — | 0.03 | Dec 10, 2008 | Directory traversal vulnerability in login.php in the PunPortal module before 2.0 for PunBB allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pun_user[language] parameter. | ||
| CVE-2008-5291 | 0.03 | — | 0.04 | Dec 1, 2008 | Directory traversal vulnerability in code/track.php in FuzzyLime 3.03 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter, a different vector than CVE-2007-4805 and CVE-2008-3165. | ||
| CVE-2008-5272 | 0.03 | — | 0.03 | Nov 28, 2008 | Multiple directory traversal vulnerabilities in Fred Stuurman SyndeoCMS 2.6.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the template parameter to (1) starnet/editors/fckeditor/studenteditor.php; (2) starnet/modules/sn_news/edit_content.php, reached through starnet/index.php; and (3) starnet/modules/sn_newsletter/edit_content.php, reached through starnet/index.php. | ||
| CVE-2008-5265 | 0.03 | — | 0.04 | Nov 28, 2008 | Directory traversal vulnerability in index.php in TNT Forum 0.9.4, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the modulo parameter. | ||
| CVE-2008-5217 | 0.03 | — | 0.03 | Nov 24, 2008 | Directory traversal vulnerability in index.php in txtCMS 0.3, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the id parameter. | ||
| CVE-2008-5209 | 0.03 | — | 0.04 | Nov 24, 2008 | Directory traversal vulnerability in modules/download/get_file.php in Admidio 1.4.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||
| CVE-2008-5204 | 0.03 | — | 0.02 | Nov 21, 2008 | Multiple directory traversal vulnerabilities in PowerAward 1.1.0 RC1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the lang parameter to (1) agb.php, (2) angemeldet.php, (3) anmelden.php, (4) charts.php, (5) external_vote.php, (6) guestbook.php, (7) impressum.php, (8) index.php, (9) rss-reader.php, (10) statistic.php, (11) teilnehmer.php, (12) topsites.php, (13) votecode.php, (14) voting.php, and (15) winner.php. | ||
| CVE-2008-5201 | 0.03 | — | 0.02 | Nov 21, 2008 | Directory traversal vulnerability in index.php in OTManager CMS 24a allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conteudo parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL. | ||
| CVE-2008-5175 | 0.03 | — | 0.02 | Nov 19, 2008 | Directory traversal vulnerability in the FTP client in AceFTP Freeware 3.80.3 and AceFTP Pro 3.80.3 allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345. | ||
| CVE-2008-5171 | 0.03 | — | 0.03 | Nov 19, 2008 | Multiple directory traversal vulnerabilities in admin/minibb/index.php in phpBLASTER CMS 1.0 RC1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) DB, (2) lang, and (3) skin parameters. | ||
| CVE-2008-4894 | 0.03 | — | 0.04 | Nov 4, 2008 | Directory traversal vulnerability in templates/mytribiqsite/tribal-GPL-1066/includes/header.inc.php in Tribiq CMS 5.0.10a, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the template_path parameter. NOTE: it was later reported that this issue also affects 5.0.12c. | ||
| CVE-2008-4913 | 0.03 | — | 0.04 | Nov 4, 2008 | Directory traversal vulnerability in admin.php in LokiCMS 0.3.3 and earlier allows remote attackers to delete arbitrary files via a .. (dot dot) in the delete parameter. | ||
| CVE-2008-4781 | 0.03 | — | 0.03 | Oct 29, 2008 | Directory traversal vulnerability in update.php in MyKtools 2.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the langage parameter. | ||
| CVE-2008-4780 | 0.03 | — | 0.03 | Oct 29, 2008 | Directory traversal vulnerability in admin/centre.php in MyForum 1.3, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the padmin parameter. | ||
| CVE-2008-4773 | 0.03 | — | 0.04 | Oct 28, 2008 | Directory traversal vulnerability in main/main.php in QuestCMS allows remote attackers to read arbitrary local files via a .. (dot dot) in the theme parameter. |
- CVE-2008-5598Dec 16, 2008risk 0.03cvss —epss 0.04
Directory traversal vulnerability in index.php in PHPmyGallery 1.51 gold allows remote attackers to list arbitrary directories via a .. (dot dot) in the group parameter.
- CVE-2008-5594Dec 16, 2008risk 0.03cvss —epss 0.04
Multiple directory traversal vulnerabilities in index.php in Mini Blog 1.0.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) page and (2) admin parameters.
- CVE-2008-5593Dec 16, 2008risk 0.03cvss —epss 0.04
Multiple directory traversal vulnerabilities in index.php in Mini CMS 1.0.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) page and (2) admin parameters.
- CVE-2008-5587Dec 16, 2008risk 0.03cvss —epss 0.02
Directory traversal vulnerability in libraries/lib.inc.php in phpPgAdmin 4.2.1 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the _language parameter to index.php.
- CVE-2008-5579Dec 15, 2008risk 0.03cvss —epss 0.04
Absolute path traversal vulnerability in mini-pub.php/front-end/cat.php in mini-pub 0.3 allows remote attackers to read arbitrary files via a full pathname in the sFileName parameter.
- CVE-2008-5418Dec 10, 2008risk 0.03cvss —epss 0.03
Directory traversal vulnerability in login.php in the PunPortal module before 2.0 for PunBB allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pun_user[language] parameter.
- CVE-2008-5291Dec 1, 2008risk 0.03cvss —epss 0.04
Directory traversal vulnerability in code/track.php in FuzzyLime 3.03 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter, a different vector than CVE-2007-4805 and CVE-2008-3165.
- CVE-2008-5272Nov 28, 2008risk 0.03cvss —epss 0.03
Multiple directory traversal vulnerabilities in Fred Stuurman SyndeoCMS 2.6.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the template parameter to (1) starnet/editors/fckeditor/studenteditor.php; (2) starnet/modules/sn_news/edit_content.php, reached through starnet/index.php; and (3) starnet/modules/sn_newsletter/edit_content.php, reached through starnet/index.php.
- CVE-2008-5265Nov 28, 2008risk 0.03cvss —epss 0.04
Directory traversal vulnerability in index.php in TNT Forum 0.9.4, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the modulo parameter.
- CVE-2008-5217Nov 24, 2008risk 0.03cvss —epss 0.03
Directory traversal vulnerability in index.php in txtCMS 0.3, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the id parameter.
- CVE-2008-5209Nov 24, 2008risk 0.03cvss —epss 0.04
Directory traversal vulnerability in modules/download/get_file.php in Admidio 1.4.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
- CVE-2008-5204Nov 21, 2008risk 0.03cvss —epss 0.02
Multiple directory traversal vulnerabilities in PowerAward 1.1.0 RC1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the lang parameter to (1) agb.php, (2) angemeldet.php, (3) anmelden.php, (4) charts.php, (5) external_vote.php, (6) guestbook.php, (7) impressum.php, (8) index.php, (9) rss-reader.php, (10) statistic.php, (11) teilnehmer.php, (12) topsites.php, (13) votecode.php, (14) voting.php, and (15) winner.php.
- CVE-2008-5201Nov 21, 2008risk 0.03cvss —epss 0.02
Directory traversal vulnerability in index.php in OTManager CMS 24a allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conteudo parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.
- CVE-2008-5175Nov 19, 2008risk 0.03cvss —epss 0.02
Directory traversal vulnerability in the FTP client in AceFTP Freeware 3.80.3 and AceFTP Pro 3.80.3 allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345.
- CVE-2008-5171Nov 19, 2008risk 0.03cvss —epss 0.03
Multiple directory traversal vulnerabilities in admin/minibb/index.php in phpBLASTER CMS 1.0 RC1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) DB, (2) lang, and (3) skin parameters.
- CVE-2008-4894Nov 4, 2008risk 0.03cvss —epss 0.04
Directory traversal vulnerability in templates/mytribiqsite/tribal-GPL-1066/includes/header.inc.php in Tribiq CMS 5.0.10a, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the template_path parameter. NOTE: it was later reported that this issue also affects 5.0.12c.
- CVE-2008-4913Nov 4, 2008risk 0.03cvss —epss 0.04
Directory traversal vulnerability in admin.php in LokiCMS 0.3.3 and earlier allows remote attackers to delete arbitrary files via a .. (dot dot) in the delete parameter.
- CVE-2008-4781Oct 29, 2008risk 0.03cvss —epss 0.03
Directory traversal vulnerability in update.php in MyKtools 2.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the langage parameter.
- CVE-2008-4780Oct 29, 2008risk 0.03cvss —epss 0.03
Directory traversal vulnerability in admin/centre.php in MyForum 1.3, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the padmin parameter.
- CVE-2008-4773Oct 28, 2008risk 0.03cvss —epss 0.04
Directory traversal vulnerability in main/main.php in QuestCMS allows remote attackers to read arbitrary local files via a .. (dot dot) in the theme parameter.