CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Description
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79
CVEs mapped to this weakness (5,488)
page 195 of 275| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2010-4798 | 0.03 | — | 0.02 | Apr 27, 2011 | Directory traversal vulnerability in index.php in OrangeHRM 2.6.0.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the uri parameter. | |||
| CVE-2011-0751 | 0.03 | — | 0.04 | Mar 16, 2011 | Directory traversal vulnerability in nhttpd (aka Nostromo webserver) before 1.9.4 allows remote attackers to execute arbitrary programs or read arbitrary files via a ..%2f (encoded dot dot slash) in a URI. | |||
| CVE-2011-1099 | 0.03 | — | 0.03 | Mar 9, 2011 | Multiple directory traversal vulnerabilities in FocalMedia.Net Quick Polls before 1.0.2 allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the p parameter in a preview action to index.php, or (2) delete arbitrary files via a .. (dot dot) in the p parameter… | |||
| CVE-2011-0903 | 0.03 | — | 0.02 | Feb 7, 2011 | Multiple directory traversal vulnerabilities in AR Web Content Manager (AWCM) 2.2 allow remote attackers to read arbitrary files and possibly have other unspecified impact via a .. (dot dot) in the (1) awcm_theme or (2) awcm_lang cookie to (a) index.php or (b) header.php. | |||
| CVE-2011-0506 | 0.03 | — | 0.03 | Jan 20, 2011 | Directory traversal vulnerability in modules/profile/user.php in Ax Developer CMS (AxDCMS) 0.1.1 allows remote attackers to execute arbitrary code via a .. (dot dot) in the aXconf[default_language] parameter. | |||
| CVE-2011-0505 | 0.03 | — | 0.02 | Jan 20, 2011 | Directory traversal vulnerability in system/system.php in Zwii 2.1.1, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the set[template][value] parameter. | |||
| CVE-2011-0405 | 0.03 | — | 0.06 | Jan 11, 2011 | Directory traversal vulnerability in module.php in PhpGedView 4.2.3 and possibly other versions, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the pgvaction parameter. | |||
| CVE-2010-4613 | 0.03 | — | 0.06 | Dec 29, 2010 | Multiple directory traversal vulnerabilities in Hycus CMS 1.0.3 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the site parameter to (1) index.php and (2) admin.php. | |||
| CVE-2010-4330 | 0.03 | — | 0.03 | Dec 7, 2010 | Directory traversal vulnerability in includes/controller.php in Pulse CMS Basic before 1.2.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter to index.php. | |||
| CVE-2010-4406 | 0.03 | — | 0.02 | Dec 6, 2010 | Directory traversal vulnerability in gallery.php in Brunetton LittlePhpGallery 1.0.2, when magic_quotes_gpc is disabled, allows remote attackers to list, include, and execute arbitrary local files via a ..// (dot dot slash slash) in the repertoire parameter. | |||
| CVE-2010-4399 | 0.03 | — | 0.06 | Dec 6, 2010 | Directory traversal vulnerability in languages.inc.php in DynPG CMS 4.1.1 and 4.2.0, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the CHG_DYNPG_SET_LANGUAGE parameter to index.php. NOTE: some of these details are… | |||
| CVE-2010-3486 | 0.03 | — | 0.03 | Sep 22, 2010 | Directory traversal vulnerability in FileStorageUpload.ashx in SmarterMail 7.1.3876 allows remote attackers to read arbitrary files via a (1) ../ (dot dot slash), (2) %5C (encoded backslash), or (3) %255c (double-encoded backslash) in the name parameter. | |||
| CVE-2010-3480 | 0.03 | — | 0.02 | Sep 22, 2010 | Directory traversal vulnerability in index.php in ApPHP PHP MicroCMS 1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | |||
| CVE-2009-4986 | 0.03 | — | 0.02 | Aug 25, 2010 | Directory traversal vulnerability in index.php in In-Portal 4.3.1, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the env parameter. | |||
| CVE-2009-4978 | 0.03 | — | 0.03 | Aug 25, 2010 | Directory traversal vulnerability in down.php in MyBackup 1.4.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter. | |||
| CVE-2010-2920 | 0.03 | — | 0.06 | Jul 30, 2010 | Directory traversal vulnerability in the Foobla Suggestions (com_foobla_suggestions) component 1.5.1.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. | |||
| CVE-2009-4974 | 0.03 | — | 0.02 | Jul 28, 2010 | Directory traversal vulnerability in box_display.php in TotalCalendar 2.4 allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the box parameter. | |||
| CVE-2010-2857 | 0.03 | — | 0.05 | Jul 25, 2010 | Directory traversal vulnerability in the Music Manager component for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the cid parameter to album.html. | |||
| CVE-2010-2850 | 0.03 | — | 0.03 | Jul 25, 2010 | Directory traversal vulnerability in productionnu2/fileuploader.php in nuBuilder 10.04.20, and possibly other versions before 10.07.12, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the dir parameter. | |||
| CVE-2010-2848 | 0.03 | — | 0.03 | Jul 25, 2010 | Directory traversal vulnerability in assets/captcha/includes/alikon/playcode.php in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the l parameter. |
- CVE-2010-4798Apr 27, 2011risk 0.03cvss —epss 0.02
Directory traversal vulnerability in index.php in OrangeHRM 2.6.0.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the uri parameter.
- CVE-2011-0751Mar 16, 2011risk 0.03cvss —epss 0.04
Directory traversal vulnerability in nhttpd (aka Nostromo webserver) before 1.9.4 allows remote attackers to execute arbitrary programs or read arbitrary files via a ..%2f (encoded dot dot slash) in a URI.
- CVE-2011-1099Mar 9, 2011risk 0.03cvss —epss 0.03
Multiple directory traversal vulnerabilities in FocalMedia.Net Quick Polls before 1.0.2 allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the p parameter in a preview action to index.php, or (2) delete arbitrary files via a .. (dot dot) in the p parameter…
- CVE-2011-0903Feb 7, 2011risk 0.03cvss —epss 0.02
Multiple directory traversal vulnerabilities in AR Web Content Manager (AWCM) 2.2 allow remote attackers to read arbitrary files and possibly have other unspecified impact via a .. (dot dot) in the (1) awcm_theme or (2) awcm_lang cookie to (a) index.php or (b) header.php.
- CVE-2011-0506Jan 20, 2011risk 0.03cvss —epss 0.03
Directory traversal vulnerability in modules/profile/user.php in Ax Developer CMS (AxDCMS) 0.1.1 allows remote attackers to execute arbitrary code via a .. (dot dot) in the aXconf[default_language] parameter.
- CVE-2011-0505Jan 20, 2011risk 0.03cvss —epss 0.02
Directory traversal vulnerability in system/system.php in Zwii 2.1.1, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the set[template][value] parameter.
- CVE-2011-0405Jan 11, 2011risk 0.03cvss —epss 0.06
Directory traversal vulnerability in module.php in PhpGedView 4.2.3 and possibly other versions, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the pgvaction parameter.
- CVE-2010-4613Dec 29, 2010risk 0.03cvss —epss 0.06
Multiple directory traversal vulnerabilities in Hycus CMS 1.0.3 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the site parameter to (1) index.php and (2) admin.php.
- CVE-2010-4330Dec 7, 2010risk 0.03cvss —epss 0.03
Directory traversal vulnerability in includes/controller.php in Pulse CMS Basic before 1.2.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter to index.php.
- CVE-2010-4406Dec 6, 2010risk 0.03cvss —epss 0.02
Directory traversal vulnerability in gallery.php in Brunetton LittlePhpGallery 1.0.2, when magic_quotes_gpc is disabled, allows remote attackers to list, include, and execute arbitrary local files via a ..// (dot dot slash slash) in the repertoire parameter.
- CVE-2010-4399Dec 6, 2010risk 0.03cvss —epss 0.06
Directory traversal vulnerability in languages.inc.php in DynPG CMS 4.1.1 and 4.2.0, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the CHG_DYNPG_SET_LANGUAGE parameter to index.php. NOTE: some of these details are…
- CVE-2010-3486Sep 22, 2010risk 0.03cvss —epss 0.03
Directory traversal vulnerability in FileStorageUpload.ashx in SmarterMail 7.1.3876 allows remote attackers to read arbitrary files via a (1) ../ (dot dot slash), (2) %5C (encoded backslash), or (3) %255c (double-encoded backslash) in the name parameter.
- CVE-2010-3480Sep 22, 2010risk 0.03cvss —epss 0.02
Directory traversal vulnerability in index.php in ApPHP PHP MicroCMS 1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
- CVE-2009-4986Aug 25, 2010risk 0.03cvss —epss 0.02
Directory traversal vulnerability in index.php in In-Portal 4.3.1, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the env parameter.
- CVE-2009-4978Aug 25, 2010risk 0.03cvss —epss 0.03
Directory traversal vulnerability in down.php in MyBackup 1.4.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.
- CVE-2010-2920Jul 30, 2010risk 0.03cvss —epss 0.06
Directory traversal vulnerability in the Foobla Suggestions (com_foobla_suggestions) component 1.5.1.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
- CVE-2009-4974Jul 28, 2010risk 0.03cvss —epss 0.02
Directory traversal vulnerability in box_display.php in TotalCalendar 2.4 allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the box parameter.
- CVE-2010-2857Jul 25, 2010risk 0.03cvss —epss 0.05
Directory traversal vulnerability in the Music Manager component for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the cid parameter to album.html.
- CVE-2010-2850Jul 25, 2010risk 0.03cvss —epss 0.03
Directory traversal vulnerability in productionnu2/fileuploader.php in nuBuilder 10.04.20, and possibly other versions before 10.07.12, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the dir parameter.
- CVE-2010-2848Jul 25, 2010risk 0.03cvss —epss 0.03
Directory traversal vulnerability in assets/captcha/includes/alikon/playcode.php in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the l parameter.