CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Description
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79
CVEs mapped to this weakness (5,488)
page 197 of 275| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-4315 | 0.03 | — | 0.02 | Dec 14, 2009 | Directory traversal vulnerability in admin/ajaxsave.php in Nuggetz CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to create or modify arbitrary files via a .. (dot dot) in the nugget parameter and a modified pagevalue parameter, as demonstrated by creating… | |||
| CVE-2009-4231 | 0.03 | — | 0.02 | Dec 8, 2009 | Directory traversal vulnerability in as/lib/plugins.php in SweetRice 0.5.3 and earlier allows remote attackers to include and execute arbitrary local files via .. (dot dot) in the plugin parameter. | |||
| CVE-2009-4216 | 0.03 | — | 0.06 | Dec 7, 2009 | Directory traversal vulnerability in funzioni/lib/menulast.php in klinza professional cms 5.0.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG parameter. | |||
| CVE-2009-4205 | 0.03 | — | 0.02 | Dec 4, 2009 | Directory traversal vulnerability in admin.php in Flashlight Free Edition allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter. | |||
| CVE-2009-4192 | 0.03 | — | 0.03 | Dec 3, 2009 | Directory traversal vulnerability in dialog/file_manager.php in Interspire Knowledge Manager 5 allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third… | |||
| CVE-2009-4154 | 0.03 | — | 0.03 | Dec 2, 2009 | Directory traversal vulnerability in includes/feedcreator.class.php in Elxis CMS allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter. | |||
| CVE-2009-4088 | 0.03 | — | 0.03 | Nov 29, 2009 | Multiple directory traversal vulnerabilities in telepark.wiki 2.4.23 and earlier allow remote attackers to read arbitrary files via directory traversal sequences in the css parameter to (1) getjs.php and (2) getcsslocal.php; and include and execute arbitrary local files via the… | |||
| CVE-2009-4056 | 0.03 | — | 0.02 | Nov 24, 2009 | Directory traversal vulnerability in admin/popup.php in Betsy CMS 3.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the popup parameter. | |||
| CVE-2009-3912 | 0.03 | — | 0.03 | Nov 9, 2009 | Directory traversal vulnerability in index.php in TFTgallery 0.13 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the album parameter. | |||
| CVE-2009-3902 | 0.03 | — | 0.04 | Nov 6, 2009 | Directory traversal vulnerability in Cherokee Web Server 0.5.4 and earlier for Windows allows remote attackers to read arbitrary files via a /\.. (slash backslash dot dot) in the URL. | |||
| CVE-2009-3825 | 0.03 | — | 0.02 | Oct 28, 2009 | Multiple directory traversal vulnerabilities in GenCMS 2006 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) p parameter to show.php and the (2) Template parameter to admin/pages/SiteNew.php. | |||
| CVE-2009-3824 | 0.03 | — | 0.02 | Oct 28, 2009 | Directory traversal vulnerability in include/processor.php in Greenwood PHP Content Manager 0.3.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the content_path parameter. | |||
| CVE-2009-3823 | 0.03 | — | 0.02 | Oct 28, 2009 | Directory traversal vulnerability in myhtml.php in Mobilelib GOLD 3.0, when magic_quotes_gpc is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the GLOBALS[page] parameter. | |||
| CVE-2009-1479 | 0.03 | — | 0.02 | Oct 22, 2009 | Directory traversal vulnerability in client/desktop/default.htm in Boxalino before 09.05.25-0421 allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter. | |||
| CVE-2009-3694 | 0.03 | — | 0.02 | Oct 13, 2009 | Directory traversal vulnerability in config/config.php in ezRecipe-Zee 91, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cfg[prePath] parameter. | |||
| CVE-2009-3664 | 0.03 | — | 0.06 | Oct 11, 2009 | Multiple directory traversal vulnerabilities in index.php in Nullam Blog 0.1.2 allow remote attackers to include or execute arbitrary files via a .. (dot dot) in the (1) p and (2) s parameters. | |||
| CVE-2009-3561 | 0.03 | — | 0.03 | Oct 5, 2009 | Directory traversal vulnerability in Xerver HTTP Server 4.32 allows remote attackers to read arbitrary files via a full pathname with a drive letter in the currentPath parameter in a chooseDirectory action. | |||
| CVE-2009-3542 | 0.03 | — | 0.02 | Oct 2, 2009 | Directory traversal vulnerability in ls.php in LittleSite (aka LS or LittleSite.php) 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter to index.php. NOTE: in some environments, this can be leveraged for remote file… | |||
| CVE-2009-3535 | 0.03 | — | 0.05 | Oct 2, 2009 | Directory traversal vulnerability in image.php in Clear Content 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter. NOTE: the researcher also suggests an analogous PHP remote file inclusion vulnerability, but this may be incorrect. | |||
| CVE-2009-3534 | 0.03 | — | 0.04 | Oct 2, 2009 | Directory traversal vulnerability in index.php in LionWiki 3.0.3, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. |
- CVE-2009-4315Dec 14, 2009risk 0.03cvss —epss 0.02
Directory traversal vulnerability in admin/ajaxsave.php in Nuggetz CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to create or modify arbitrary files via a .. (dot dot) in the nugget parameter and a modified pagevalue parameter, as demonstrated by creating…
- CVE-2009-4231Dec 8, 2009risk 0.03cvss —epss 0.02
Directory traversal vulnerability in as/lib/plugins.php in SweetRice 0.5.3 and earlier allows remote attackers to include and execute arbitrary local files via .. (dot dot) in the plugin parameter.
- CVE-2009-4216Dec 7, 2009risk 0.03cvss —epss 0.06
Directory traversal vulnerability in funzioni/lib/menulast.php in klinza professional cms 5.0.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG parameter.
- CVE-2009-4205Dec 4, 2009risk 0.03cvss —epss 0.02
Directory traversal vulnerability in admin.php in Flashlight Free Edition allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter.
- CVE-2009-4192Dec 3, 2009risk 0.03cvss —epss 0.03
Directory traversal vulnerability in dialog/file_manager.php in Interspire Knowledge Manager 5 allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third…
- CVE-2009-4154Dec 2, 2009risk 0.03cvss —epss 0.03
Directory traversal vulnerability in includes/feedcreator.class.php in Elxis CMS allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.
- CVE-2009-4088Nov 29, 2009risk 0.03cvss —epss 0.03
Multiple directory traversal vulnerabilities in telepark.wiki 2.4.23 and earlier allow remote attackers to read arbitrary files via directory traversal sequences in the css parameter to (1) getjs.php and (2) getcsslocal.php; and include and execute arbitrary local files via the…
- CVE-2009-4056Nov 24, 2009risk 0.03cvss —epss 0.02
Directory traversal vulnerability in admin/popup.php in Betsy CMS 3.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the popup parameter.
- CVE-2009-3912Nov 9, 2009risk 0.03cvss —epss 0.03
Directory traversal vulnerability in index.php in TFTgallery 0.13 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the album parameter.
- CVE-2009-3902Nov 6, 2009risk 0.03cvss —epss 0.04
Directory traversal vulnerability in Cherokee Web Server 0.5.4 and earlier for Windows allows remote attackers to read arbitrary files via a /\.. (slash backslash dot dot) in the URL.
- CVE-2009-3825Oct 28, 2009risk 0.03cvss —epss 0.02
Multiple directory traversal vulnerabilities in GenCMS 2006 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) p parameter to show.php and the (2) Template parameter to admin/pages/SiteNew.php.
- CVE-2009-3824Oct 28, 2009risk 0.03cvss —epss 0.02
Directory traversal vulnerability in include/processor.php in Greenwood PHP Content Manager 0.3.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the content_path parameter.
- CVE-2009-3823Oct 28, 2009risk 0.03cvss —epss 0.02
Directory traversal vulnerability in myhtml.php in Mobilelib GOLD 3.0, when magic_quotes_gpc is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the GLOBALS[page] parameter.
- CVE-2009-1479Oct 22, 2009risk 0.03cvss —epss 0.02
Directory traversal vulnerability in client/desktop/default.htm in Boxalino before 09.05.25-0421 allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter.
- CVE-2009-3694Oct 13, 2009risk 0.03cvss —epss 0.02
Directory traversal vulnerability in config/config.php in ezRecipe-Zee 91, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cfg[prePath] parameter.
- CVE-2009-3664Oct 11, 2009risk 0.03cvss —epss 0.06
Multiple directory traversal vulnerabilities in index.php in Nullam Blog 0.1.2 allow remote attackers to include or execute arbitrary files via a .. (dot dot) in the (1) p and (2) s parameters.
- CVE-2009-3561Oct 5, 2009risk 0.03cvss —epss 0.03
Directory traversal vulnerability in Xerver HTTP Server 4.32 allows remote attackers to read arbitrary files via a full pathname with a drive letter in the currentPath parameter in a chooseDirectory action.
- CVE-2009-3542Oct 2, 2009risk 0.03cvss —epss 0.02
Directory traversal vulnerability in ls.php in LittleSite (aka LS or LittleSite.php) 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter to index.php. NOTE: in some environments, this can be leveraged for remote file…
- CVE-2009-3535Oct 2, 2009risk 0.03cvss —epss 0.05
Directory traversal vulnerability in image.php in Clear Content 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter. NOTE: the researcher also suggests an analogous PHP remote file inclusion vulnerability, but this may be incorrect.
- CVE-2009-3534Oct 2, 2009risk 0.03cvss —epss 0.04
Directory traversal vulnerability in index.php in LionWiki 3.0.3, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.