VYPR

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

BaseStableLikelihood: High

Description

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79

CVEs mapped to this weakness (5,488)

page 55 of 275
  • CVE-2024-33274HigApr 30, 2024
    risk 0.49cvss 7.5epss 0.01

    Directory Traversal vulnerability in FME Modules customfields v.2.2.7 and before allows a remote attacker to obtain sensitive information via the Custom Checkout Fields, Add Custom Fields to Checkout parameter of the ajax.php

  • CVE-2023-45385HigApr 30, 2024
    risk 0.49cvss 7.5epss 0.01

    ProQuality pqprintshippinglabels before v.4.15.0 is vulnerable to Directory Traversal via the pqprintshippinglabels module.

  • CVE-2024-31801HigApr 29, 2024
    risk 0.49cvss 7.5epss 0.01

    Directory Traversal vulnerability in NEXSYS-ONE before v.Rev.15320 allows a remote attacker to obtain sensitive information via a crafted request.

  • CVE-2023-47843HigApr 18, 2024
    risk 0.49cvss 7.6epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Zachary Segal CataBlog.This issue affects CataBlog: from n/a through 1.7.0.

  • CVE-2024-31978HigApr 9, 2024
    risk 0.49cvss 7.6epss 0.00

    A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP2). Affected devices allow authenticated users to export monitoring data. The corresponding API endpoint is susceptible to path traversal and could allow an authenticated attacker to download files from the…

  • CVE-2024-27575HigApr 4, 2024
    risk 0.49cvss 7.5epss 0.01

    INOTEC Sicherheitstechnik WebServer CPS220/64 3.3.19 allows a remote attacker to read arbitrary files via absolute path traversal, such as with the /cgi-bin/display?file=/etc/passwd URI.

  • CVE-2021-31156HigMar 28, 2024
    risk 0.49cvss 7.5epss 0.01

    Allied Telesis AT-S115 1.2.0 devices before 1.00.024 with Boot Loader 1.00.006 allow Directory Traversal to achieve partial access to data.

  • CVE-2024-25136HigMar 26, 2024
    risk 0.49cvss 7.5epss 0.01

    There is a function in AutomationDirect C-MORE EA9 HMI that allows an attacker to send a relative path in the URL without proper sanitizing of the content.

  • CVE-2023-40747HigMar 18, 2024
    risk 0.49cvss 7.5epss 0.01

    Directory traversal vulnerability exists in A.K.I Software's PMailServer/PMailServer2 products' CGIs included in Internal Simple Webserver. If this vulnerability is exploited, a remote attacker may access arbitrary files outside DocumentRoot.

  • CVE-2024-23904HigJan 24, 2024
    risk 0.49cvss 7.5epss 0.01

    Jenkins Log Command Plugin 1.0.2 and earlier does not disable a feature of its command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read content from arbitrary files on the Jenkins…

  • CVE-2023-52289HigJan 13, 2024
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in the flaskcode package through 0.0.8 for Python. An unauthenticated directory traversal, exploitable with a POST request to a /update-resource-data/<file_path> URI (from views.py), allows attackers to write to arbitrary files.

  • CVE-2023-52288HigJan 13, 2024
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in the flaskcode package through 0.0.8 for Python. An unauthenticated directory traversal, exploitable with a GET request to a /resource-data/<file_path>.txt URI (from views.py), allows attackers to read arbitrary files.

  • CVE-2023-50449HigDec 10, 2023
    risk 0.49cvss 7.5epss 0.01

    JFinalCMS 5.0.0 could allow a remote attacker to read files via ../ Directory Traversal in the /common/down/file fileKey parameter.

  • CVE-2023-49735HigNov 30, 2023
    risk 0.49cvss 7.5epss 0.01

    ** UNSUPPORTED WHEN ASSIGNED ** The value set as the DefaultLocaleResolver.LOCALE_KEY attribute on the session was not validated while resolving XML definition files, leading to possible path traversal and eventually SSRF/XXE when passing user-controlled data to this key.…

  • CVE-2023-48848HigNov 28, 2023
    risk 0.49cvss 7.5epss 0.01

    An arbitrary file read vulnerability in ureport v2.2.9 allows a remote attacker to arbitrarily read files on the server by inserting a crafted path.

  • CVE-2023-6118HigNov 23, 2023
    risk 0.49cvss 7.5epss 0.01

    Path Traversal: '/../filedir' vulnerability in Neutron IP Camera allows Absolute Path Traversal. This issue affects IP Camera: before b1130.1.0.1.

  • CVE-2023-45823HigOct 19, 2023
    risk 0.49cvss 7.5epss 0.01

    Artifact Hub is a web-based application that enables finding, installing, and publishing packages and configurations for CNCF projects. During a security audit of Artifact Hub's code base a security researcher identified a bug in which by using symbolic links in certain kinds of…

  • CVE-2023-45277HigOct 19, 2023
    risk 0.49cvss 7.5epss 0.01

    Yamcs 5.8.6 is vulnerable to directory traversal (issue 1 of 2). The vulnerability is in the storage functionality of the API and allows one to escape the base directory of the buckets, freely navigate system directories, and read arbitrary files.

  • CVE-2023-26152HigOct 3, 2023
    risk 0.49cvss 7.5epss 0.01

    All versions of the package static-server are vulnerable to Directory Traversal due to improper input sanitization passed via the validPath function of server.js.

  • CVE-2023-41578HigSep 8, 2023
    risk 0.49cvss 7.5epss 0.01

    Jeecg boot up to v3.5.3 was discovered to contain an arbitrary file read vulnerability via the interface /testConnection.