VYPR

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Abstraction: Base · Status: Stable · Likelihood of Exploit: High

Description

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79

CVEs mapped to this weakness (5,488)

page 62 of 275
  • CVE-2019-15630 · High · Aug 30, 2019
    risk 0.49 · cvss 7.5 · epss 0.03

    Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider components in MuleSoft Mule Runtime 3.2.0 and higher released before August 1 2019, MuleSoft Mule Runtime 4.1.0 and higher released before August 1 2019, and all versions of MuleSoft API Gateway released before…

  • CVE-2019-1020001 · High · Jul 29, 2019
    risk 0.49 · cvss 7.5 · epss 0.02

    yard before 0.9.20 allows path traversal.

  • CVE-2019-11082 · High · May 10, 2019
    risk 0.49 · cvss 7.5 · epss 0.02

    core/api/datasets/internal/actions/Explode.java in the Dataset API in DKPro Core through 1.10.0 allows Directory Traversal, resulting in the overwrite of local files with the contents of an archive.

  • CVE-2019-5423 · High · Apr 3, 2019
    risk 0.49 · cvss 7.5 · epss 0.03

    Path traversal vulnerability in http-live-simulator npm package version 1.0.5 allows arbitrary path to be accessed on the file system by a remote attacker.

  • CVE-2019-5417 · High · Mar 21, 2019
    risk 0.49 · cvss 7.5 · epss 0.02

    A path traversal vulnerability in serve npm package version 7.0.1 allows the attackers to read content of arbitrary files on the remote server.

  • CVE-2019-5416 · High · Mar 21, 2019
    risk 0.49 · cvss 7.5 · epss 0.02

    A path traversal vulnerability in localhost-now npm package version 1.0.2 allows the attackers to read content of arbitrary files on the remote server.

  • CVE-2018-16482 · High · Feb 1, 2019
    risk 0.49 · cvss 7.5 · epss 0.02

    A server directory traversal vulnerability was found on node module mcstatic <=0.0.20 that would allow an attacker to access sensitive information in the file system by appending slashes in the URL path.

  • CVE-2018-16479 · High · Feb 1, 2019
    risk 0.49 · cvss 7.5 · epss 0.02

    Path traversal vulnerability in http-live-simulator <1.0.7 causes unauthorized access to arbitrary files on disk by appending extra slashes after the URL.

  • CVE-2018-1000817 · High · Dec 20, 2018
    risk 0.49 · cvss 7.5 · epss 0.03

    Asset Pipeline Grails Plugin Asset-pipeline plugin version Prior to 2.14.1.1, 2.15.1 and 3.0.6 contains an Incorrect Access Control vulnerability in Applications deployed in Jetty that can result in Download .class files and any arbitrary file. This attack appears to be…

  • CVE-2018-20094 · High · Dec 12, 2018
    risk 0.49 · cvss 7.5 · epss 0.02

    An issue was discovered in XXL-CONF 1.6.0. There is a path traversal vulnerability via ../ in the keys parameter that can download any configuration file, related to ConfController.java and PropUtil.java.

  • CVE-2018-16475 · High · Nov 6, 2018
    risk 0.49 · cvss 7.5 · epss 0.02

    A Path Traversal in Knightjs versions <= 0.0.1 allows an attacker to read content of arbitrary files on a remote server.

  • CVE-2018-18831 · High · Oct 30, 2018
    risk 0.49 · cvss 7.5 · epss 0.02

    An issue was discovered in com\mingsoft\cms\action\GeneraterAction.java in MCMS 4.6.5. An attacker can write a .jsp file (in the position parameter) to an arbitrary directory via a ../ Directory Traversal in the url parameter.

  • CVE-2018-0405 · High · Oct 5, 2018
    risk 0.49 · cvss 7.5 · epss 0.03

    A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to conduct a directory path traversal attack on a targeted…

  • CVE-2018-17838 · High · Oct 1, 2018
    risk 0.49 · cvss 7.5 · epss 0.02

    An issue was discovered in JTBC(PHP) 3.0.1.6. Arbitrary file read operations are possible via a /console/#/console/file/manage.php?type=list&path=c:/ substring.

  • CVE-2018-17837 · High · Oct 1, 2018
    risk 0.49 · cvss 7.5 · epss 0.01

    An issue was discovered in JTBC(PHP) 3.0.1.6. Arbitrary file deletion is possible via a /console/file/manage.php?type=action&action=delete&path=c%3A%2F substring.

  • CVE-2018-17785 · High · Sep 30, 2018
    risk 0.49 · cvss 7.5 · epss 0.02

    In blynk-server in Blynk before 0.39.7, Directory Traversal exists via a ../ in a URI that has /static or /static/js at the beginning, as demonstrated by reading the /etc/passwd file.

  • CVE-2018-7102 · High · Sep 27, 2018
    risk 0.49 · cvss 7.5 · epss 0.03

    A security vulnerability in HPE Intelligent Management Center (iMC) PLAT E0506P09, createFabricAutoCfgFile could be remotely exploited via directory traversal to allow remote arbitrary file modification.

  • CVE-2018-17365 · High · Sep 26, 2018
    risk 0.49 · cvss 7.5 · epss 0.02

    SeaCMS 6.64 and 7.2 allows remote attackers to delete arbitrary files via the filedir parameter.

  • CVE-2018-17297 · High · Sep 21, 2018
    risk 0.49 · cvss 7.5 · epss 0.03

    The unzip function in ZipUtil.java in Hutool before 4.1.12 allows remote attackers to overwrite arbitrary files via directory traversal sequences in a filename within a ZIP archive.

  • CVE-2018-6500 · High · Sep 20, 2018
    risk 0.49 · cvss 7.5 · epss 0.04

    A potential Directory Traversal Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be remotely exploited to allow Directory Traversal.