VYPR

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

BaseStableLikelihood: High

Description

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79

CVEs mapped to this weakness (5,488)

page 207 of 275
  • CVE-2008-5894Jan 12, 2009
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in index.php in Mediatheka 4.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.

  • CVE-2008-5883Jan 12, 2009
    risk 0.03cvss epss 0.03

    Absolute path traversal vulnerability in front-end/dir.php in mini-pub 0.3 and earlier allows remote attackers to list arbitrary directories via a full pathname in the sDir parameter.

  • CVE-2008-5878Jan 8, 2009
    risk 0.03cvss epss 0.02

    Multiple directory traversal vulnerabilities in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to include and execute arbitrary files via a .. (dot dot) in the (1) boxname…

  • CVE-2008-5862Jan 6, 2009
    risk 0.03cvss epss 0.06

    Directory traversal vulnerability in webcamXP 5.3.2.375 and 5.3.2.410 build 2132 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the URI.

  • CVE-2008-5861Jan 6, 2009
    risk 0.03cvss epss 0.03

    Directory traversal vulnerability in source.php in FreeLyrics 1.0 allows remote attackers to read arbitrary files via directory traversal sequences in the p parameter. NOTE: some of these details are obtained from third party information.

  • CVE-2008-5860Jan 6, 2009
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in backend/template.php in Constructr CMS 3.02.5 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to create or read arbitrary files via directory traversal sequences in the edit_file…

  • CVE-2008-5819Jan 2, 2009
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in eDNews_archive.php in eDreamers eDNews 2, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lg parameter. NOTE: some of these details are obtained from third…

  • CVE-2008-5818Jan 2, 2009
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in index.php in eDreamers eDContainer 2.22, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lg parameter. NOTE: some of these details are obtained from third…

  • CVE-2008-5794Dec 31, 2008
    risk 0.03cvss epss 0.03

    Directory traversal vulnerability in system/admin/images.php in LoveCMS 1.6.2 Final allows remote attackers to delete arbitrary files via a .. (dot dot) in the delete parameter.

  • CVE-2008-5787Dec 31, 2008
    risk 0.03cvss epss 0.03

    Directory traversal vulnerability in mod.php in Arab Portal 2.1 on Windows allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, in conjunction with a show action.

  • CVE-2008-5776Dec 30, 2008
    risk 0.03cvss epss 0.02

    Multiple directory traversal vulnerabilities in Aperto Blog 0.1.1 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) action parameter to admin.php and the (2) get parameter to index.php. NOTE: in some environments,…

  • CVE-2008-5771Dec 30, 2008
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in test.php in PHP Weather 2.2.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter.

  • CVE-2008-5752Dec 30, 2008
    risk 0.03cvss epss 0.06

    Directory traversal vulnerability in getConfig.php in the Page Flip Image Gallery plugin 0.2.2 and earlier for WordPress, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the book_id parameter. NOTE: some of these details…

  • CVE-2008-5728Dec 26, 2008
    risk 0.03cvss epss 0.02

    Multiple directory traversal vulnerabilities in AIST NetCat 3.12 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the system parameter in…

  • CVE-2008-5639Dec 17, 2008
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in index.php in TxtBlog 1.0 Alpha allows remote attackers to read arbitrary files via a .. (dot dot) in the m parameter.

  • CVE-2008-5604Dec 16, 2008
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in index.php in My Simple Forum 3.0 and 4.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter.

  • CVE-2008-5598Dec 16, 2008
    risk 0.03cvss epss 0.03

    Directory traversal vulnerability in index.php in PHPmyGallery 1.51 gold allows remote attackers to list arbitrary directories via a .. (dot dot) in the group parameter.

  • CVE-2008-5594Dec 16, 2008
    risk 0.03cvss epss 0.03

    Multiple directory traversal vulnerabilities in index.php in Mini Blog 1.0.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) page and (2) admin parameters.

  • CVE-2008-5593Dec 16, 2008
    risk 0.03cvss epss 0.02

    Multiple directory traversal vulnerabilities in index.php in Mini CMS 1.0.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) page and (2) admin parameters.

  • CVE-2008-5579Dec 15, 2008
    risk 0.03cvss epss 0.03

    Absolute path traversal vulnerability in mini-pub.php/front-end/cat.php in mini-pub 0.3 allows remote attackers to read arbitrary files via a full pathname in the sFileName parameter.