CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Description
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79
CVEs mapped to this weakness (5,488)
page 187 of 275| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-1031 | 0.04 | — | 0.11 | Mar 20, 2009 | Directory traversal vulnerability in the FTP server in Rhino Software Serv-U File Server 7.0.0.1 through 7.4.0.1 allows remote attackers to create arbitrary directories via a \.. (backslash dot dot) in an MKD request. | |||
| CVE-2009-0886 | 0.04 | — | 0.07 | Mar 12, 2009 | Directory traversal vulnerability in login.php in OneOrZero Helpdesk 1.6.5.7 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the default_language parameter. | |||
| CVE-2008-6423 | 0.04 | — | 0.07 | Mar 6, 2009 | Directory traversal vulnerability in passwiki.php in PassWiki 0.9.16 RC3 and earlier allows remote attackers to read arbitrary local files via a .. (dot dot) in the site_id parameter. | |||
| CVE-2009-0680 | 0.04 | — | 0.08 | Feb 22, 2009 | cgi-bin/welcome/VPN_only in the web interface in Netgear SSL312 allows remote attackers to cause a denial of service (device crash) via a crafted query string, as demonstrated using directory traversal sequences. | |||
| CVE-2008-6222 | 0.04 | — | 0.12 | Feb 20, 2009 | Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php. | |||
| CVE-2008-6172 | 0.04 | — | 0.12 | Feb 19, 2009 | Directory traversal vulnerability in captcha/captcha_image.php in the RWCards (com_rwcards) 3.0.11 component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the img… | |||
| CVE-2009-0645 | 0.04 | — | 0.06 | Feb 18, 2009 | Directory traversal vulnerability in index.php in Jaws 0.8.8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) language, (2) Introduction_complete, and (3) use_log parameters, different vectors than CVE-2004-2445. | |||
| CVE-2009-0497 | 0.04 | — | 0.08 | Feb 10, 2009 | Directory traversal vulnerability in log.jsp in Ignite Realtime Openfire 3.6.2 allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the log parameter. | |||
| CVE-2008-6080 | 0.04 | — | 0.11 | Feb 6, 2009 | Directory traversal vulnerability in download.php in the ionFiles (com_ionfiles) 4.4.2 component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||
| CVE-2009-0291 | 0.04 | — | 0.07 | Jan 27, 2009 | Directory traversal vulnerability in fc.php in OpenX 2.6.3 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the MAX_type parameter. | |||
| CVE-2008-5965 | 0.04 | — | 0.06 | Jan 26, 2009 | Directory traversal vulnerability in index.php in LokiCMS 0.3.4 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to check for the existence of arbitrary files via a .. (dot dot) in the page parameter. | |||
| CVE-2008-5919 | 0.04 | — | 0.06 | Jan 21, 2009 | Directory traversal vulnerability in rss.php in WebSVN 2.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to overwrite arbitrary files via directory traversal sequences in the rev parameter. | |||
| CVE-2009-0113 | 0.04 | — | 0.07 | Jan 9, 2009 | Directory traversal vulnerability in attachmentlibrary.php in the XStandard component for Joomla! 1.5.8 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the X_CMS_LIBRARY_PATH HTTP header. | |||
| CVE-2008-5881 | 0.04 | — | 0.07 | Jan 9, 2009 | Multiple directory traversal vulnerabilities in playSMS 0.9.3 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) gateway_module parameter to plugin/gateway/gnokii/init.php and the (2) themes_module parameter to… | |||
| CVE-2008-5856 | 0.04 | — | 0.08 | Jan 6, 2009 | Directory traversal vulnerability in scripts/export.php in ClaSS before 0.8.61 allows remote attackers to read arbitrary files via directory traversal sequences in the ftype parameter. | |||
| CVE-2008-5642 | 0.04 | — | 0.09 | Dec 17, 2008 | Directory traversal vulnerability in admin/login.php in CMS Made Simple 1.4.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a cms_language cookie. | |||
| CVE-2008-5587 | 0.04 | — | 0.13 | Dec 16, 2008 | Directory traversal vulnerability in libraries/lib.inc.php in phpPgAdmin 4.2.1 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the _language parameter to index.php. | |||
| CVE-2008-5062 | 0.04 | — | 0.08 | Nov 13, 2008 | Directory traversal vulnerability in php/cal_pdf.php in Mini Web Calendar (mwcal) 1.2 allows remote attackers to read arbitrary files via directory traversal sequences in the thefile parameter. | |||
| CVE-2008-4769 | 0.04 | — | 0.09 | Oct 28, 2008 | Directory traversal vulnerability in the get_category_template function in wp-includes/theme.php in WordPress 2.3.3 and earlier, and 2.5, allows remote attackers to include and possibly execute arbitrary PHP files via the cat parameter in index.php. NOTE: some of these details… | |||
| CVE-2008-4764 | 0.04 | — | 0.17 | Oct 28, 2008 | Directory traversal vulnerability in the eXtplorer module (com_extplorer) 2.0.0 RC2 and earlier in Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter in a show_error action. |
- CVE-2009-1031Mar 20, 2009risk 0.04cvss —epss 0.11
Directory traversal vulnerability in the FTP server in Rhino Software Serv-U File Server 7.0.0.1 through 7.4.0.1 allows remote attackers to create arbitrary directories via a \.. (backslash dot dot) in an MKD request.
- CVE-2009-0886Mar 12, 2009risk 0.04cvss —epss 0.07
Directory traversal vulnerability in login.php in OneOrZero Helpdesk 1.6.5.7 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the default_language parameter.
- CVE-2008-6423Mar 6, 2009risk 0.04cvss —epss 0.07
Directory traversal vulnerability in passwiki.php in PassWiki 0.9.16 RC3 and earlier allows remote attackers to read arbitrary local files via a .. (dot dot) in the site_id parameter.
- CVE-2009-0680Feb 22, 2009risk 0.04cvss —epss 0.08
cgi-bin/welcome/VPN_only in the web interface in Netgear SSL312 allows remote attackers to cause a denial of service (device crash) via a crafted query string, as demonstrated using directory traversal sequences.
- CVE-2008-6222Feb 20, 2009risk 0.04cvss —epss 0.12
Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
- CVE-2008-6172Feb 19, 2009risk 0.04cvss —epss 0.12
Directory traversal vulnerability in captcha/captcha_image.php in the RWCards (com_rwcards) 3.0.11 component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the img…
- CVE-2009-0645Feb 18, 2009risk 0.04cvss —epss 0.06
Directory traversal vulnerability in index.php in Jaws 0.8.8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) language, (2) Introduction_complete, and (3) use_log parameters, different vectors than CVE-2004-2445.
- CVE-2009-0497Feb 10, 2009risk 0.04cvss —epss 0.08
Directory traversal vulnerability in log.jsp in Ignite Realtime Openfire 3.6.2 allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the log parameter.
- CVE-2008-6080Feb 6, 2009risk 0.04cvss —epss 0.11
Directory traversal vulnerability in download.php in the ionFiles (com_ionfiles) 4.4.2 component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
- CVE-2009-0291Jan 27, 2009risk 0.04cvss —epss 0.07
Directory traversal vulnerability in fc.php in OpenX 2.6.3 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the MAX_type parameter.
- CVE-2008-5965Jan 26, 2009risk 0.04cvss —epss 0.06
Directory traversal vulnerability in index.php in LokiCMS 0.3.4 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to check for the existence of arbitrary files via a .. (dot dot) in the page parameter.
- CVE-2008-5919Jan 21, 2009risk 0.04cvss —epss 0.06
Directory traversal vulnerability in rss.php in WebSVN 2.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to overwrite arbitrary files via directory traversal sequences in the rev parameter.
- CVE-2009-0113Jan 9, 2009risk 0.04cvss —epss 0.07
Directory traversal vulnerability in attachmentlibrary.php in the XStandard component for Joomla! 1.5.8 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the X_CMS_LIBRARY_PATH HTTP header.
- CVE-2008-5881Jan 9, 2009risk 0.04cvss —epss 0.07
Multiple directory traversal vulnerabilities in playSMS 0.9.3 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) gateway_module parameter to plugin/gateway/gnokii/init.php and the (2) themes_module parameter to…
- CVE-2008-5856Jan 6, 2009risk 0.04cvss —epss 0.08
Directory traversal vulnerability in scripts/export.php in ClaSS before 0.8.61 allows remote attackers to read arbitrary files via directory traversal sequences in the ftype parameter.
- CVE-2008-5642Dec 17, 2008risk 0.04cvss —epss 0.09
Directory traversal vulnerability in admin/login.php in CMS Made Simple 1.4.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a cms_language cookie.
- CVE-2008-5587Dec 16, 2008risk 0.04cvss —epss 0.13
Directory traversal vulnerability in libraries/lib.inc.php in phpPgAdmin 4.2.1 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the _language parameter to index.php.
- CVE-2008-5062Nov 13, 2008risk 0.04cvss —epss 0.08
Directory traversal vulnerability in php/cal_pdf.php in Mini Web Calendar (mwcal) 1.2 allows remote attackers to read arbitrary files via directory traversal sequences in the thefile parameter.
- CVE-2008-4769Oct 28, 2008risk 0.04cvss —epss 0.09
Directory traversal vulnerability in the get_category_template function in wp-includes/theme.php in WordPress 2.3.3 and earlier, and 2.5, allows remote attackers to include and possibly execute arbitrary PHP files via the cat parameter in index.php. NOTE: some of these details…
- CVE-2008-4764Oct 28, 2008risk 0.04cvss —epss 0.17
Directory traversal vulnerability in the eXtplorer module (com_extplorer) 2.0.0 RC2 and earlier in Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter in a show_error action.