CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Description
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79
CVEs mapped to this weakness (5,488)
page 266 of 275| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-2968 | 0.00 | — | 0.02 | Sep 2, 2009 | Directory traversal vulnerability in a support component in the web interface in VMware Studio 2.0 public beta before build 1017-185256 allows remote attackers to upload files to arbitrary locations via unspecified vectors. | |||
| CVE-2008-7093 | 0.00 | — | 0.02 | Aug 26, 2009 | Multiple directory traversal vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to (1) create arbitrary directories or files via a .. (dot dot) in the folder name in the new folder functionality or (2) list arbitrary files via a crafted request to… | |||
| CVE-2009-2931 | 0.00 | — | 0.02 | Aug 21, 2009 | Directory traversal vulnerability in p.php in SlideShowPro Director 1.1 through 1.3.8 allows remote attackers to read arbitrary files via directory traversal sequences in the a parameter. | |||
| CVE-2009-2659 | 0.00 | — | 0.02 | Aug 4, 2009 | The Admin media handler in core/servers/basehttp.py in Django 1.0 and 0.96 does not properly map URL requests to expected "static media files," which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a crafted URL. | |||
| CVE-2009-2658 | 0.00 | — | 0.03 | Aug 4, 2009 | Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request. | |||
| CVE-2008-6878 | 0.00 | — | 0.02 | Jul 27, 2009 | Directory traversal vulnerability in admin/includes/languages/english.php in Zen Cart 1.3.8a, 1.3.8, and earlier, when .htaccess is not supported, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _SESSION[language] parameter. NOTE:… | |||
| CVE-2008-6877 | 0.00 | — | 0.02 | Jul 27, 2009 | Directory traversal vulnerability in admin/includes/initsystem.php in Zen Cart 1.3.8 and 1.3.8a, when .htaccess is not supported, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the loader_file parameter. NOTE: the vendor disputes this… | |||
| CVE-2009-2546 | 0.00 | — | 0.01 | Jul 20, 2009 | Directory traversal vulnerability in Advanced Electron Forum (AEF) 1.x allows remote attackers to determine the existence of arbitrary files via the avatargalfile parameter when changing an avatar, which leaks the existence of the file in an error message. NOTE: the provenance… | |||
| CVE-2009-2047 | 0.00 | — | 0.02 | Jul 16, 2009 | Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified… | |||
| CVE-2009-2449 | 0.00 | — | 0.02 | Jul 13, 2009 | Directory traversal vulnerability in maillinglist/admin/change_config.php in ADbNewsSender before 1.5.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter. | |||
| CVE-2009-2444 | 0.00 | — | 0.02 | Jul 13, 2009 | Directory traversal vulnerability in maillinglist/setup/step1.php.inc in ADbNewsSender before 1.5.6, and 2.0 before RC2, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter to setup/index.php. | |||
| CVE-2009-2224 | 0.00 | — | 0.01 | Jun 26, 2009 | Directory traversal vulnerability in ang/shared/flags.php in AN Guestbook 0.7.8, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the g_lang parameter. | |||
| CVE-2009-2222 | 0.00 | — | 0.02 | Jun 26, 2009 | Directory traversal vulnerability in PHP-I-BOARD 1.2 and earlier allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors, probably related to mail. | |||
| CVE-2008-5515 | 0.00 | — | 0.19 | Jun 16, 2009 | Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access… | |||
| CVE-2009-1760 | 0.00 | — | 0.02 | Jun 11, 2009 | Directory traversal vulnerability in src/torrent_info.cpp in Rasterbar libtorrent before 0.14.4, as used in firetorrent, qBittorrent, deluge Torrent, and other applications, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) and partial relative… | |||
| CVE-2009-2007 | 0.00 | — | 0.02 | Jun 8, 2009 | Multiple directory traversal vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote attackers to (1) read portions of arbitrary files via a .. (dot dot) and a ..\ (dot dot backslash) in the lang parameter to main/exercice/hotspot_lang_conversion.php and (2) read… | |||
| CVE-2009-1737 | 0.00 | — | 0.02 | May 20, 2009 | Directory traversal vulnerability in bom.php in MyPic 2.1 allows remote attackers to list files in arbitrary directories via a .. (dot dot) in the dir parameter. | |||
| CVE-2009-1559 | 0.00 | — | 0.02 | May 6, 2009 | Absolute path traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R24 and possibly 1.00R22 allows remote attackers to read arbitrary files via an absolute pathname in the this_file parameter. NOTE: traversal via a ..… | |||
| CVE-2008-6786 | 0.00 | — | 0.02 | May 1, 2009 | Multiple directory traversal vulnerabilities in geekigeeki.py in GeekiGeeki before 3.0 allow remote attackers to read arbitrary files via directory traversal sequences in a pagename argument in the (1) handle_edit and (2) handle_raw functions. | |||
| CVE-2008-5518 | 0.00 | — | 0.36 | Apr 17, 2009 | Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the (1) group, (2) artifact, (3)… |
- CVE-2009-2968Sep 2, 2009risk 0.00cvss —epss 0.02
Directory traversal vulnerability in a support component in the web interface in VMware Studio 2.0 public beta before build 1017-185256 allows remote attackers to upload files to arbitrary locations via unspecified vectors.
- CVE-2008-7093Aug 26, 2009risk 0.00cvss —epss 0.02
Multiple directory traversal vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to (1) create arbitrary directories or files via a .. (dot dot) in the folder name in the new folder functionality or (2) list arbitrary files via a crafted request to…
- CVE-2009-2931Aug 21, 2009risk 0.00cvss —epss 0.02
Directory traversal vulnerability in p.php in SlideShowPro Director 1.1 through 1.3.8 allows remote attackers to read arbitrary files via directory traversal sequences in the a parameter.
- CVE-2009-2659Aug 4, 2009risk 0.00cvss —epss 0.02
The Admin media handler in core/servers/basehttp.py in Django 1.0 and 0.96 does not properly map URL requests to expected "static media files," which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a crafted URL.
- CVE-2009-2658Aug 4, 2009risk 0.00cvss —epss 0.03
Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request.
- CVE-2008-6878Jul 27, 2009risk 0.00cvss —epss 0.02
Directory traversal vulnerability in admin/includes/languages/english.php in Zen Cart 1.3.8a, 1.3.8, and earlier, when .htaccess is not supported, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _SESSION[language] parameter. NOTE:…
- CVE-2008-6877Jul 27, 2009risk 0.00cvss —epss 0.02
Directory traversal vulnerability in admin/includes/initsystem.php in Zen Cart 1.3.8 and 1.3.8a, when .htaccess is not supported, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the loader_file parameter. NOTE: the vendor disputes this…
- CVE-2009-2546Jul 20, 2009risk 0.00cvss —epss 0.01
Directory traversal vulnerability in Advanced Electron Forum (AEF) 1.x allows remote attackers to determine the existence of arbitrary files via the avatargalfile parameter when changing an avatar, which leaks the existence of the file in an error message. NOTE: the provenance…
- CVE-2009-2047Jul 16, 2009risk 0.00cvss —epss 0.02
Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified…
- CVE-2009-2449Jul 13, 2009risk 0.00cvss —epss 0.02
Directory traversal vulnerability in maillinglist/admin/change_config.php in ADbNewsSender before 1.5.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter.
- CVE-2009-2444Jul 13, 2009risk 0.00cvss —epss 0.02
Directory traversal vulnerability in maillinglist/setup/step1.php.inc in ADbNewsSender before 1.5.6, and 2.0 before RC2, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter to setup/index.php.
- CVE-2009-2224Jun 26, 2009risk 0.00cvss —epss 0.01
Directory traversal vulnerability in ang/shared/flags.php in AN Guestbook 0.7.8, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the g_lang parameter.
- CVE-2009-2222Jun 26, 2009risk 0.00cvss —epss 0.02
Directory traversal vulnerability in PHP-I-BOARD 1.2 and earlier allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors, probably related to mail.
- CVE-2008-5515Jun 16, 2009risk 0.00cvss —epss 0.19
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access…
- CVE-2009-1760Jun 11, 2009risk 0.00cvss —epss 0.02
Directory traversal vulnerability in src/torrent_info.cpp in Rasterbar libtorrent before 0.14.4, as used in firetorrent, qBittorrent, deluge Torrent, and other applications, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) and partial relative…
- CVE-2009-2007Jun 8, 2009risk 0.00cvss —epss 0.02
Multiple directory traversal vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote attackers to (1) read portions of arbitrary files via a .. (dot dot) and a ..\ (dot dot backslash) in the lang parameter to main/exercice/hotspot_lang_conversion.php and (2) read…
- CVE-2009-1737May 20, 2009risk 0.00cvss —epss 0.02
Directory traversal vulnerability in bom.php in MyPic 2.1 allows remote attackers to list files in arbitrary directories via a .. (dot dot) in the dir parameter.
- CVE-2009-1559May 6, 2009risk 0.00cvss —epss 0.02
Absolute path traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R24 and possibly 1.00R22 allows remote attackers to read arbitrary files via an absolute pathname in the this_file parameter. NOTE: traversal via a ..…
- CVE-2008-6786May 1, 2009risk 0.00cvss —epss 0.02
Multiple directory traversal vulnerabilities in geekigeeki.py in GeekiGeeki before 3.0 allow remote attackers to read arbitrary files via directory traversal sequences in a pagename argument in the (1) handle_edit and (2) handle_raw functions.
- CVE-2008-5518Apr 17, 2009risk 0.00cvss —epss 0.36
Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the (1) group, (2) artifact, (3)…