CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Description
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79
CVEs mapped to this weakness (5,488)
page 190 of 275| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-5320 | 0.04 | — | 0.07 | Oct 9, 2007 | Multiple absolute path traversal vulnerabilities in Pegasus Imaging ImagXpress 8.0 allow remote attackers to (1) delete arbitrary files via the CacheFile attribute in the ThumbnailXpres.1 ActiveX control (PegasusImaging.ActiveX.ThumnailXpress1.dll) or (2) overwrite arbitrary… | |||
| CVE-2007-5299 | 0.04 | — | 0.08 | Oct 9, 2007 | Multiple directory traversal vulnerabilities in SkaDate 5.0 and 6.0, and possibly later versions such as 6.482, allow remote attackers to read arbitrary files via a .. (dot dot) in the view_mode parameter to (1) featured_list.php and (2) online_list.php in member/. | |||
| CVE-2007-5219 | 0.04 | — | 0.16 | Oct 5, 2007 | Directory traversal vulnerability in the CLAVSetting.CLSetting.1 ActiveX control in CLAVSetting.DLL 1.00.1829 in the CLAVSetting module in CyberLink PowerDVD 7.0 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the argument to the… | |||
| CVE-2007-5110 | 0.04 | — | 0.07 | Sep 26, 2007 | Absolute path traversal vulnerability in the EbCrypt.eb_c_PRNGenerator.1 ActiveX control in EBCRYPT.DLL 2.0.0.2087 and earlier in EB Design ebCrypt allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveToFile method. NOTE:… | |||
| CVE-2007-4976 | 0.04 | — | 0.09 | Sep 19, 2007 | Directory traversal vulnerability in viewlog.php in Coppermine Photo Gallery (CPG) 1.4.12 and earlier allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the log parameter. | |||
| CVE-2007-4982 | 0.04 | — | 0.10 | Sep 19, 2007 | Multiple absolute path traversal vulnerabilities in the MW6QRCode.QRCode.1 ActiveX control in MW6QRCode.dll in MW6 Technologies QRCode ActiveX 3.0.0.1 and earlier allow remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the (1)… | |||
| CVE-2007-4957 | 0.04 | — | 0.07 | Sep 18, 2007 | Multiple directory traversal vulnerabilities in download.php in Chupix CMS 0.2.3 allow remote attackers to read or overwrite arbitrary files via a .. (dot dot) in the (1) fichier or (2) repertoire parameter, or create arbitrary directories via a .. (dot dot) in the (3)… | |||
| CVE-2007-4890 | 0.04 | — | 0.16 | Sep 14, 2007 | Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library (VBTOVSI.DLL) 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. … | |||
| CVE-2007-4805 | 0.04 | — | 0.07 | Sep 11, 2007 | Directory traversal vulnerability in getgalldata.php in fuzzylime (cms) 3.0 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) in the p parameter. | |||
| CVE-2007-4718 | 0.04 | — | 0.07 | Sep 5, 2007 | Directory traversal vulnerability in inc/lib/language.lib.php in Claroline before 1.8.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter. | |||
| CVE-2007-4583 | 0.04 | — | 0.08 | Aug 29, 2007 | Multiple absolute path traversal vulnerabilities in the nvUtility.Utility.1 ActiveX control in nvUtility.dll 1.0.14.0 in ACTi Network Video Recorder (NVR) SP2 2.0 allow remote attackers to (1) create or overwrite arbitrary files via a full pathname in the first argument to the… | |||
| CVE-2007-3487 | 0.04 | — | 0.09 | Jun 29, 2007 | Absolute path traversal in a certain ActiveX control in hpqxml.dll 2.0.0.133 in Hewlett-Packard (HP) Photo Digital Imaging allows remote attackers to create or overwrite arbitrary files via the argument to the saveXMLAsFile method. | |||
| CVE-2006-6047 | 0.04 | — | 0.08 | Nov 22, 2006 | Directory traversal vulnerability in manager/index.php in Etomite 0.6.1.2 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the f parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log… | |||
| CVE-2006-5846 | 0.04 | — | 0.12 | Nov 10, 2006 | Directory traversal vulnerability in index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to read and include arbitrary files via a .. (dot dot) in the page parameter, a different vector than CVE-2006-5773. | |||
| CVE-2006-5031 | 0.04 | — | 0.07 | Sep 27, 2006 | Directory traversal vulnerability in app/webroot/js/vendors.php in Cake Software Foundation CakePHP before 1.1.8.3544 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, followed by a filename ending with "%00" and a .js filename. | |||
| CVE-2006-2516 | 0.04 | — | 0.06 | May 22, 2006 | mainfile.php in XOOPS 2.0.13.2 and earlier, when register_globals is enabled, allows remote attackers to overwrite variables such as $xoopsOption['nocommon'] and conduct directory traversal attacks or include PHP files via (1) xoopsConfig[language] to misc.php or (2)… | |||
| CVE-2005-2792 | 0.04 | — | 0.12 | Sep 2, 2005 | Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the custom_welcome_page parameter. | |||
| CVE-2005-2033 | 0.04 | — | 0.07 | Jun 20, 2005 | Directory traversal vulnerability in folderview.asp for Blue-Collar Productions i-Gallery 3.3 allows remote attackers to read arbitrary files and directories via the folder parameter. | |||
| CVE-2004-1444 | 0.04 | — | 0.09 | Dec 31, 2004 | Directory traversal vulnerability in Roundup 0.6.4 and earlier allows remote attackers to view arbitrary files via .. (dot dot) sequences in an @@ command in an HTTP GET request. | |||
| CVE-2004-1364 | 0.04 | — | 0.14 | Aug 4, 2004 | Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the $ORACLE_HOME\bin directory. |
- CVE-2007-5320Oct 9, 2007risk 0.04cvss —epss 0.07
Multiple absolute path traversal vulnerabilities in Pegasus Imaging ImagXpress 8.0 allow remote attackers to (1) delete arbitrary files via the CacheFile attribute in the ThumbnailXpres.1 ActiveX control (PegasusImaging.ActiveX.ThumnailXpress1.dll) or (2) overwrite arbitrary…
- CVE-2007-5299Oct 9, 2007risk 0.04cvss —epss 0.08
Multiple directory traversal vulnerabilities in SkaDate 5.0 and 6.0, and possibly later versions such as 6.482, allow remote attackers to read arbitrary files via a .. (dot dot) in the view_mode parameter to (1) featured_list.php and (2) online_list.php in member/.
- CVE-2007-5219Oct 5, 2007risk 0.04cvss —epss 0.16
Directory traversal vulnerability in the CLAVSetting.CLSetting.1 ActiveX control in CLAVSetting.DLL 1.00.1829 in the CLAVSetting module in CyberLink PowerDVD 7.0 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the argument to the…
- CVE-2007-5110Sep 26, 2007risk 0.04cvss —epss 0.07
Absolute path traversal vulnerability in the EbCrypt.eb_c_PRNGenerator.1 ActiveX control in EBCRYPT.DLL 2.0.0.2087 and earlier in EB Design ebCrypt allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveToFile method. NOTE:…
- CVE-2007-4976Sep 19, 2007risk 0.04cvss —epss 0.09
Directory traversal vulnerability in viewlog.php in Coppermine Photo Gallery (CPG) 1.4.12 and earlier allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the log parameter.
- CVE-2007-4982Sep 19, 2007risk 0.04cvss —epss 0.10
Multiple absolute path traversal vulnerabilities in the MW6QRCode.QRCode.1 ActiveX control in MW6QRCode.dll in MW6 Technologies QRCode ActiveX 3.0.0.1 and earlier allow remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the (1)…
- CVE-2007-4957Sep 18, 2007risk 0.04cvss —epss 0.07
Multiple directory traversal vulnerabilities in download.php in Chupix CMS 0.2.3 allow remote attackers to read or overwrite arbitrary files via a .. (dot dot) in the (1) fichier or (2) repertoire parameter, or create arbitrary directories via a .. (dot dot) in the (3)…
- CVE-2007-4890Sep 14, 2007risk 0.04cvss —epss 0.16
Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library (VBTOVSI.DLL) 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. …
- CVE-2007-4805Sep 11, 2007risk 0.04cvss —epss 0.07
Directory traversal vulnerability in getgalldata.php in fuzzylime (cms) 3.0 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) in the p parameter.
- CVE-2007-4718Sep 5, 2007risk 0.04cvss —epss 0.07
Directory traversal vulnerability in inc/lib/language.lib.php in Claroline before 1.8.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
- CVE-2007-4583Aug 29, 2007risk 0.04cvss —epss 0.08
Multiple absolute path traversal vulnerabilities in the nvUtility.Utility.1 ActiveX control in nvUtility.dll 1.0.14.0 in ACTi Network Video Recorder (NVR) SP2 2.0 allow remote attackers to (1) create or overwrite arbitrary files via a full pathname in the first argument to the…
- CVE-2007-3487Jun 29, 2007risk 0.04cvss —epss 0.09
Absolute path traversal in a certain ActiveX control in hpqxml.dll 2.0.0.133 in Hewlett-Packard (HP) Photo Digital Imaging allows remote attackers to create or overwrite arbitrary files via the argument to the saveXMLAsFile method.
- CVE-2006-6047Nov 22, 2006risk 0.04cvss —epss 0.08
Directory traversal vulnerability in manager/index.php in Etomite 0.6.1.2 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the f parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log…
- CVE-2006-5846Nov 10, 2006risk 0.04cvss —epss 0.12
Directory traversal vulnerability in index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to read and include arbitrary files via a .. (dot dot) in the page parameter, a different vector than CVE-2006-5773.
- CVE-2006-5031Sep 27, 2006risk 0.04cvss —epss 0.07
Directory traversal vulnerability in app/webroot/js/vendors.php in Cake Software Foundation CakePHP before 1.1.8.3544 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, followed by a filename ending with "%00" and a .js filename.
- CVE-2006-2516May 22, 2006risk 0.04cvss —epss 0.06
mainfile.php in XOOPS 2.0.13.2 and earlier, when register_globals is enabled, allows remote attackers to overwrite variables such as $xoopsOption['nocommon'] and conduct directory traversal attacks or include PHP files via (1) xoopsConfig[language] to misc.php or (2)…
- CVE-2005-2792Sep 2, 2005risk 0.04cvss —epss 0.12
Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the custom_welcome_page parameter.
- CVE-2005-2033Jun 20, 2005risk 0.04cvss —epss 0.07
Directory traversal vulnerability in folderview.asp for Blue-Collar Productions i-Gallery 3.3 allows remote attackers to read arbitrary files and directories via the folder parameter.
- CVE-2004-1444Dec 31, 2004risk 0.04cvss —epss 0.09
Directory traversal vulnerability in Roundup 0.6.4 and earlier allows remote attackers to view arbitrary files via .. (dot dot) sequences in an @@ command in an HTTP GET request.
- CVE-2004-1364Aug 4, 2004risk 0.04cvss —epss 0.14
Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the $ORACLE_HOME\bin directory.