CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Description
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-126 · CAPEC-64 · CAPEC-76 · CAPEC-78 · CAPEC-79
CVEs mapped to this weakness (5,488)
page 86 of 275| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-38746 | Hig | 0.46 | 7.1 | 0.00 | Aug 1, 2024 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in MakeStories Team MakeStories (for Google Web Stories) allows Path Traversal, Server Side Request Forgery.This issue affects MakeStories (for Google Web Stories): from n/a through… | ||
| CVE-2024-38717 | Hig | 0.46 | 7.1 | 0.00 | Jul 12, 2024 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Booking Ultra Pro allows PHP Local File Inclusion.This issue affects Booking Ultra Pro: from n/a through 1.1.13. | ||
| CVE-2023-46205 | Hig | 0.46 | 7.1 | 0.01 | May 17, 2024 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Brainstorm Force Ultimate Addons for WPBakery Page Builder allows PHP Local File Inclusion.This issue affects Ultimate Addons for WPBakery Page Builder: from n/a through 3.19.14. | ||
| CVE-2023-25050 | Hig | 0.46 | 7.1 | 0.01 | May 17, 2024 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Vova Anokhin Shortcodes Ultimate allows Absolute Path Traversal.This issue affects Shortcodes Ultimate: from n/a through 5.12.6. | ||
| CVE-2024-32982 | Hig | 0.46 | 8.2 | 0.01 | May 6, 2024 | Litestar and Starlite is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to 2.8.3, 2.7.2, and 2.6.4, a Local File Inclusion (LFI) vulnerability has been discovered in the static file serving component of LiteStar. This vulnerability allows attackers to exploit… | ||
| CVE-2024-31552 | Hig | 0.46 | 7.1 | 0.00 | Apr 19, 2024 | CuteHttpFileServer v.3.1 version has an arbitrary file download vulnerability, which allows attackers to download arbitrary files on the server and obtain sensitive information. | ||
| CVE-2024-32005 | Hig | 0.46 | 8.2 | 0.01 | Apr 12, 2024 | NiceGUI is an easy-to-use, Python-based UI framework. A local file inclusion is present in the NiceUI leaflet component when requesting resource files under the `/_nicegui/{__version__}/resources/{key}/{path:path}` route. As a result any file on the backend filesystem which the… | ||
| CVE-2024-0980 | Hig | 0.46 | 7.1 | 0.00 | Mar 28, 2024 | The Auto-update service for Okta Verify for Windows is vulnerable to two flaws which in combination could be used to execute arbitrary code. | ||
| CVE-2024-23216 | Hig | 0.46 | 7.1 | 0.00 | Mar 8, 2024 | A path handling issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app may be able to overwrite arbitrary files. | ||
| CVE-2023-6831 | Hig | 0.46 | 8.1 | 0.03 | Dec 15, 2023 | Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. | ||
| CVE-2023-6458 | Hig | 0.46 | 7.1 | 0.01 | Dec 6, 2023 | Mattermost webapp fails to validate route parameters in/<TEAM_NAME>/channels/<CHANNEL_NAME> allowing an attacker to perform a client-side path traversal. | ||
| CVE-2023-46654 | Hig | 0.46 | 8.1 | 0.01 | Oct 25, 2023 | Jenkins CloudBees CD Plugin 1.1.32 and earlier follows symbolic links to locations outside of the expected directory during the cleanup process of the 'CloudBees CD - Publish Artifact' post-build step, allowing attackers able to configure jobs to delete arbitrary files on the… | ||
| CVE-2023-2315 | Hig | 0.46 | 8.1 | 0.01 | Sep 27, 2023 | Path Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2 allows an authenticated user with access/modify privilege on the Log component to empty out arbitrary files on the server | ||
| CVE-2023-37460 | — | Hig | 0.46 | 8.1 | 0.02 | Jul 25, 2023 | Plexis Archiver is a collection of Plexus components to create archives or extract archives to a directory with a unified `Archiver`/`UnArchiver` API. Prior to version 4.8.0, using AbstractUnArchiver for extracting an archive might lead to an arbitrary file creation and possibly… | |
| CVE-2023-24057 | — | Hig | 0.46 | 8.1 | 0.01 | Jan 26, 2023 | HL7 (Health Level 7) FHIR Core Libraries before 5.6.92 allow attackers to extract files into arbitrary directories via directory traversal from a crafted ZIP or TGZ archive (for a prepackaged terminology cache, NPM package, or comparison archive). | |
| CVE-2022-44942 | Hig | 0.46 | 8.1 | 0.01 | Dec 7, 2022 | Casdoor before v1.126.1 was discovered to contain an arbitrary file deletion vulnerability via the uploadFile function. | ||
| CVE-2022-45381 | Hig | 0.46 | 8.1 | 0.01 | Nov 15, 2022 | Jenkins Pipeline Utility Steps Plugin 2.13.1 and earlier does not restrict the set of enabled prefix interpolators and bundles versions of Apache Commons Configuration library that enable the 'file:' prefix interpolator by default, allowing attackers able to configure Pipelines… | ||
| CVE-2022-31194 | Hig | 0.46 | 8.2 | 0.01 | Aug 1, 2022 | DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI resumable upload implementations in SubmissionController and FileUploadRequest are vulnerable to multiple path… | ||
| CVE-2022-1850 | — | Hig | 0.46 | 8.1 | 0.01 | May 24, 2022 | Path Traversal in GitHub repository filegator/filegator prior to 7.8.0. | |
| CVE-2021-46062 | — | Hig | 0.46 | 7.1 | 0.01 | Feb 18, 2022 | MCMS v5.2.5 was discovered to contain an arbitrary file deletion vulnerability via the component oldFileName. |
- risk 0.46cvss 7.1epss 0.00
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in MakeStories Team MakeStories (for Google Web Stories) allows Path Traversal, Server Side Request Forgery.This issue affects MakeStories (for Google Web Stories): from n/a through…
- risk 0.46cvss 7.1epss 0.00
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Booking Ultra Pro allows PHP Local File Inclusion.This issue affects Booking Ultra Pro: from n/a through 1.1.13.
- risk 0.46cvss 7.1epss 0.01
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Brainstorm Force Ultimate Addons for WPBakery Page Builder allows PHP Local File Inclusion.This issue affects Ultimate Addons for WPBakery Page Builder: from n/a through 3.19.14.
- risk 0.46cvss 7.1epss 0.01
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Vova Anokhin Shortcodes Ultimate allows Absolute Path Traversal.This issue affects Shortcodes Ultimate: from n/a through 5.12.6.
- risk 0.46cvss 8.2epss 0.01
Litestar and Starlite is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to 2.8.3, 2.7.2, and 2.6.4, a Local File Inclusion (LFI) vulnerability has been discovered in the static file serving component of LiteStar. This vulnerability allows attackers to exploit…
- risk 0.46cvss 7.1epss 0.00
CuteHttpFileServer v.3.1 version has an arbitrary file download vulnerability, which allows attackers to download arbitrary files on the server and obtain sensitive information.
- risk 0.46cvss 8.2epss 0.01
NiceGUI is an easy-to-use, Python-based UI framework. A local file inclusion is present in the NiceUI leaflet component when requesting resource files under the `/_nicegui/{__version__}/resources/{key}/{path:path}` route. As a result any file on the backend filesystem which the…
- risk 0.46cvss 7.1epss 0.00
The Auto-update service for Okta Verify for Windows is vulnerable to two flaws which in combination could be used to execute arbitrary code.
- risk 0.46cvss 7.1epss 0.00
A path handling issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app may be able to overwrite arbitrary files.
- risk 0.46cvss 8.1epss 0.03
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.
- risk 0.46cvss 7.1epss 0.01
Mattermost webapp fails to validate route parameters in/<TEAM_NAME>/channels/<CHANNEL_NAME> allowing an attacker to perform a client-side path traversal.
- risk 0.46cvss 8.1epss 0.01
Jenkins CloudBees CD Plugin 1.1.32 and earlier follows symbolic links to locations outside of the expected directory during the cleanup process of the 'CloudBees CD - Publish Artifact' post-build step, allowing attackers able to configure jobs to delete arbitrary files on the…
- risk 0.46cvss 8.1epss 0.01
Path Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2 allows an authenticated user with access/modify privilege on the Log component to empty out arbitrary files on the server
- risk 0.46cvss 8.1epss 0.02
Plexis Archiver is a collection of Plexus components to create archives or extract archives to a directory with a unified `Archiver`/`UnArchiver` API. Prior to version 4.8.0, using AbstractUnArchiver for extracting an archive might lead to an arbitrary file creation and possibly…
- risk 0.46cvss 8.1epss 0.01
HL7 (Health Level 7) FHIR Core Libraries before 5.6.92 allow attackers to extract files into arbitrary directories via directory traversal from a crafted ZIP or TGZ archive (for a prepackaged terminology cache, NPM package, or comparison archive).
- risk 0.46cvss 8.1epss 0.01
Casdoor before v1.126.1 was discovered to contain an arbitrary file deletion vulnerability via the uploadFile function.
- risk 0.46cvss 8.1epss 0.01
Jenkins Pipeline Utility Steps Plugin 2.13.1 and earlier does not restrict the set of enabled prefix interpolators and bundles versions of Apache Commons Configuration library that enable the 'file:' prefix interpolator by default, allowing attackers able to configure Pipelines…
- risk 0.46cvss 8.2epss 0.01
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI resumable upload implementations in SubmissionController and FileUploadRequest are vulnerable to multiple path…
- risk 0.46cvss 8.1epss 0.01
Path Traversal in GitHub repository filegator/filegator prior to 7.8.0.
- risk 0.46cvss 7.1epss 0.01
MCMS v5.2.5 was discovered to contain an arbitrary file deletion vulnerability via the component oldFileName.