VYPR

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

BaseStableLikelihood: High

Description

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79

CVEs mapped to this weakness (5,488)

page 179 of 275
  • CVE-2011-5219Oct 25, 2012
    risk 0.04cvss epss 0.09

    Directory traversal vulnerability in examples/show_code.php in mPDF 5.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.

  • CVE-2009-5067Oct 10, 2012
    risk 0.04cvss epss 0.08

    Directory traversal vulnerability in html2ps before 1.0b6 allows remote attackers to read arbitrary files via a .. (dot dot) in the "include file" SSI directive. NOTE: this issue only might be a vulnerability in limited scenarios, such as if html2ps is invoked by a web…

  • CVE-2012-5344Oct 9, 2012
    risk 0.04cvss epss 0.07

    Directory traversal vulnerability in the WebServer (Thttpd.bat) in IpTools (aka Tiny TCP/IP server) 0.1.4 allows remote attackers to read arbitrary files via a .. (dot dot) in a HTTP request.

  • CVE-2012-5335Oct 8, 2012
    risk 0.04cvss epss 0.07

    Directory traversal vulnerability in Tiny Server 1.1.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the URI of an HTTP request.

  • CVE-2011-4640Oct 8, 2012
    risk 0.04cvss epss 0.07

    Directory traversal vulnerability in logs-x.php in SpamTitan WebTitan before 3.60 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the fname parameter in a view action.

  • CVE-2010-5278Oct 7, 2012
    risk 0.04cvss epss 0.17

    Directory traversal vulnerability in manager/controllers/default/resource/tvs.php in MODx Revolution 2.0.2-pl, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the class_key parameter. NOTE: some of…

  • CVE-2012-5100Sep 23, 2012
    risk 0.04cvss epss 0.08

    Directory traversal vulnerability in HServer 0.1.1 allows remote attackers to read arbitrary files via a (1) ..%5c (dot dot encoded backslash) or (2) %2e%2e%5c (encoded dot dot backslash) in the PATH_INFO.

  • CVE-2012-4878Sep 6, 2012
    risk 0.04cvss epss 0.09

    Absolute path traversal vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 allows remote administrators to read arbitrary files via a full pathname in the dir parameter in a contents/Files action.

  • CVE-2011-4450Sep 5, 2012
    risk 0.04cvss epss 0.07

    Directory traversal vulnerability in handlers/files.xml/files.xml.php in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to read or delete arbitrary files via a non-initial .. (dot dot) in the file parameter, as demonstrated by the /../../wikka.config.php pathname in a…

  • CVE-2011-5127Aug 26, 2012
    risk 0.04cvss epss 0.13

    Directory traversal vulnerability in Blue Coat Reporter 9.x before 9.2.4.13, 9.2.5.x before 9.2.5.1, and 9.3 before 9.3.1.2 on Windows allows remote attackers to read arbitrary files, and consequently execute arbitrary code, via an unspecified HTTP request.

  • CVE-2012-2227Aug 26, 2012
    risk 0.04cvss epss 0.10

    Directory traversal vulnerability in update/index.php in PluXml before 5.1.6 allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the default_lang parameter.

  • CVE-2012-2208Aug 14, 2012
    risk 0.04cvss epss 0.09

    Directory traversal vulnerability in upgrade.php in Piwigo before 2.3.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.

  • CVE-2012-4253Aug 13, 2012
    risk 0.04cvss epss 0.08

    Multiple directory traversal vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) language parameter to learn/cubemail/install.php or (2) f parameter learn/cubemail/filemanagement.php, or execute arbitrary local files…

  • CVE-2012-3588Jun 19, 2012
    risk 0.04cvss epss 0.11

    Directory traversal vulnerability in preview.php in the Plugin Newsletter plugin 1.5 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the data parameter.

  • CVE-2009-5114Mar 19, 2012
    risk 0.04cvss epss 0.14

    Directory traversal vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the DOC parameter.

  • CVE-2012-0996Feb 24, 2012
    risk 0.04cvss epss 0.10

    Multiple directory traversal vulnerabilities in 11in1 1.2.1 stable 12-31-2011 allow remote attackers to read arbitrary files via a .. (dot dot) in the class parameter to (1) index.php or (2) admin/index.php.

  • CVE-2012-0991Feb 7, 2012
    risk 0.04cvss epss 0.11

    Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the formname parameter to (1) contrib/acog/print_form.php; or (2) load_form.php, (3) view_form.php, or (4) trend_form.php in…

  • CVE-2011-4878Feb 3, 2012
    risk 0.04cvss epss 0.12

    Directory traversal vulnerability in miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime…

  • CVE-2011-4876Feb 3, 2012
    risk 0.04cvss epss 0.10

    Directory traversal vulnerability in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when…

  • CVE-2012-0981Feb 2, 2012
    risk 0.04cvss epss 0.11

    Directory traversal vulnerability in phpShowtime 2.0 allows remote attackers to list arbitrary directories and image files via a .. (dot dot) in the r parameter to index.php. NOTE: Some of these details are obtained from third party information.