VYPR

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

BaseStableLikelihood: High

Description

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79

CVEs mapped to this weakness (5,488)

page 74 of 275
  • CVE-2015-4704HigMay 23, 2017
    risk 0.49cvss 7.5epss 0.05

    Directory traversal vulnerability in the Download Zip Attachments plugin 1.0 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the File parameter to download.php.

  • CVE-2017-6652HigMay 18, 2017
    risk 0.49cvss 7.5epss 0.04

    A vulnerability in the web framework of the Cisco TelePresence IX5000 Series could allow an unauthenticated, remote attacker to access arbitrary files on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability…

  • CVE-2017-9030HigMay 17, 2017
    risk 0.49cvss 7.5epss 0.02

    The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a directory traversal attack that bypasses a uniqid protection mechanism, and makes it easier to read arbitrary uploaded files.

  • CVE-2016-10331HigMay 12, 2017
    risk 0.49cvss 7.5epss 0.02

    Directory traversal vulnerability in download.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to read arbitrary files via a full pathname in the id parameter.

  • CVE-2017-8921HigMay 12, 2017
    risk 0.49cvss 7.5epss 0.01

    In FlightGear before 2017.2.1, the FGCommand interface allows overwriting any file the user has write access to, but not with arbitrary data: only with the contents of a FlightGear flightplan (XML). A resource such as a malicious third-party aircraft could exploit this to damage…

  • CVE-2017-2163HigMay 12, 2017
    risk 0.49cvss 7.5epss 0.02

    Directory traversal vulnerability in SOY CMS Ver.1.8.1 to Ver.1.8.12 allows authenticated attackers to read arbitrary files via shop_id.

  • CVE-2017-8868HigMay 10, 2017
    risk 0.49cvss 7.5epss 0.02

    acp/core/files.browser.php in flatCore 1.4.7 allows file deletion via directory traversal in the delete parameter to acp/acp.php. The risk might be limited to requests submitted through CSRF.

  • CVE-2017-8853HigMay 9, 2017
    risk 0.49cvss 7.5epss 0.01

    Fiyo CMS v2.0.7 has an arbitrary file delete vulnerability in dapur/apps/app_config/controller/backuper.php via directory traversal in the file parameter during an act=db action.

  • CVE-2017-4980HigMar 29, 2017
    risk 0.49cvss 7.5epss 0.02

    EMC Isilon OneFS is affected by a path traversal vulnerability that may potentially be exploited by attackers to compromise the affected system. Affected versions are 7.1.0 - 7.1.1.10, 7.2.0 - 7.2.1.3, and 8.0.0 - 8.0.0.1.

  • CVE-2017-7258HigMar 29, 2017
    risk 0.49cvss 7.5epss 0.02

    HTTP Exploit in eMLi Portal in AuroMeera Technometrix Pvt. Ltd. eMLi allows an Attacker to View Restricted Information or (even more seriously) execute powerful commands on the web server which can lead to a full compromise of the system via Directory Path Traversal, as…

  • CVE-2017-5899HigMar 27, 2017
    risk 0.49cvss 7.0epss 0.01

    Directory traversal vulnerability in the setuid root helper binary in S-nail (later S-mailx) before 14.8.16 allows local users to write to arbitrary files and consequently gain root privileges via a .. (dot dot) in the randstr argument.

  • CVE-2017-3851HigMar 22, 2017
    risk 0.49cvss 7.5epss 0.05

    A Directory Traversal vulnerability in the web framework code of the Cisco application-hosting framework (CAF) component of the Cisco IOx application environment could allow an unauthenticated, remote attacker to read any file from the CAF in the virtual instance running on the…

  • CVE-2013-7462HigMar 14, 2017
    risk 0.49cvss 7.5epss 0.02

    A directory traversal vulnerability in the web application in McAfee (now Intel Security) SaaS Control Console (SCC) Platform 6.14 before patch 1070, and 6.15 before patch 1076 allows unauthenticated users to view contents of arbitrary system files that did not have file system…

  • CVE-2016-9164HigMar 7, 2017
    risk 0.49cvss 7.5epss 0.05

    Directory traversal vulnerability in diag.jsp file in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) 8.4 SP1 and earlier and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote attackers to read arbitrary files via…

  • CVE-2017-5168HigFeb 13, 2017
    risk 0.49cvss 7.5epss 0.04

    An issue was discovered in Hanwha Techwin Smart Security Manager Versions 1.5 and prior. Multiple Path Traversal vulnerabilities have been identified. The flaws exist within the ActiveMQ Broker service that is installed as part of the product. By issuing specific HTTP requests,…

  • CVE-2016-9364HigFeb 13, 2017
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Fidelix FX-20 series controllers, versions prior to 11.50.19. Arbitrary file reading via path traversal allows an attacker to access arbitrary files and directories on the server.

  • CVE-2016-9351HigFeb 13, 2017
    risk 0.49cvss 7.0epss 0.04

    An issue was discovered in Advantech SUISAccess Server Version 3.0 and prior. The directory traversal/file upload error allows an attacker to upload and unpack a zip file.

  • CVE-2016-8211HigFeb 3, 2017
    risk 0.49cvss 7.5epss 0.03

    EMC Data Protection Advisor 6.1.x, EMC Data Protection Advisor 6.2, EMC Data Protection Advisor 6.2.1, EMC Data Protection Advisor 6.2.2, EMC Data Protection Advisor 6.2.3 prior to patch 446 has a path traversal vulnerability that may potentially be exploited by malicious users…

  • CVE-2016-10184HigJan 30, 2017
    risk 0.49cvss 7.5epss 0.06

    An issue was discovered on the D-Link DWR-932B router. qmiweb allows file reading with ..%2f traversal.

  • CVE-2016-10183HigJan 30, 2017
    risk 0.49cvss 7.5epss 0.06

    An issue was discovered on the D-Link DWR-932B router. qmiweb allows directory listing with ../ traversal.