VYPR

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

BaseStableLikelihood: High

Description

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79

CVEs mapped to this weakness (5,488)

page 205 of 275
  • CVE-2008-6167Feb 19, 2009
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in search.php in miniPortail 2.2 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lng parameter.

  • CVE-2009-0596Feb 16, 2009
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the TplSuffix parameter.

  • CVE-2008-6139Feb 14, 2009
    risk 0.03cvss epss 0.03

    Directory traversal vulnerability in faqsupport/wce.download.php in WebBiscuits Modules Controller 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the download parameter.

  • CVE-2008-6126Feb 13, 2009
    risk 0.03cvss epss 0.03

    Multiple directory traversal vulnerabilities in moziloCMS 1.10.2 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) file parameter to download.php and the (2) page parameter to index.php, a different vector than CVE-2008-3589.

  • CVE-2009-0570Feb 13, 2009
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in send.php in Ninja Designs Mailist 3.0, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the load parameter. NOTE: some of these…

  • CVE-2009-0535Feb 11, 2009
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in export.php in Thyme 1.3 and earlier, when register_globals is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the export_to parameter.

  • CVE-2008-6112Feb 11, 2009
    risk 0.03cvss epss 0.03

    Multiple directory traversal vulnerabilities in Ez Ringtone Manager allow remote attackers to read arbitrary files via a .. (dot dot) in the id parameter in a detail action to (1) main.php and (2) template.php in ringtones/.

  • CVE-2009-0515Feb 11, 2009
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in check_lang.php in Yet Another NOCC (YANOCC) 0.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.

  • CVE-2009-0514Feb 11, 2009
    risk 0.03cvss epss 0.02

    Multiple directory traversal vulnerabilities in WebFrame 0.76 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) currentmod and (2) LANG parameters to mod/index.php.

  • CVE-2009-0457Feb 10, 2009
    risk 0.03cvss epss 0.06

    Multiple directory traversal vulnerabilities in AJA Portal 1.2 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the currentlang parameter to admin/case.php in the (1) Contact_Plus and (2) Reviews modules, and (3) the…

  • CVE-2009-0448Feb 10, 2009
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in admin/modules/aa/preview.php in Syntax Desktop 2.7 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the synTarget parameter.

  • CVE-2009-0442Feb 10, 2009
    risk 0.03cvss epss 0.05

    Directory traversal vulnerability in bbcode.php in PHPbbBook 1.3 and 1.3h allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the l parameter.

  • CVE-2008-6090Feb 6, 2009
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in members.php in ScriptsEz Mini Hosting Panel allows remote attackers to read arbitrary local files via a .. (dot dot) in the dir parameter in a view action.

  • CVE-2008-6089Feb 6, 2009
    risk 0.03cvss epss 0.03

    Directory traversal vulnerability in main.php in ScriptsEz Easy Image Downloader allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter in a download action.

  • CVE-2008-6083Feb 6, 2009
    risk 0.03cvss epss 0.03

    Directory traversal vulnerability in header.php in TXTshop beta 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.

  • CVE-2008-6074Feb 6, 2009
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in frame.php in phpcrs 2.06 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the importFunction parameter.

  • CVE-2009-0423Feb 5, 2009
    risk 0.03cvss epss 0.06

    Directory traversal vulnerability in index.php in Php Photo Album (PHPPA) 0.8 BETA allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the preview parameter.

  • CVE-2008-6025Feb 3, 2009
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in scr/form.php in openElec 3.01 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the obj parameter.

  • CVE-2009-0392Feb 3, 2009
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in sysconf.cgi in Motorola Wimax modem CPEi300 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the page parameter.

  • CVE-2008-6018Feb 2, 2009
    risk 0.03cvss epss 0.04

    Directory traversal vulnerability in index.php in MyPHPSite, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the mod parameter.