CWE-22
High likelihood
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
9,261 vulnerabilities with CWE-22
CVE-2019-25087
MEDIUM
RamseyK httpserver - Path Traversal
CVSS 5.3
CVE-2019-3556
HIGH
HHVM < 4.56.2, 4.57.0-4.78.0, 4.79.0, 4.80.0, 4.81.0, 4.82.0, 4.83.0 - Arbitrary File Write via dump-pcre-cache Handler
CVSS 8.1
CVE-2019-9060
HIGH
CMS Made Simple 2.2.8 - Unauthenticated Path Traversal and Arbitrary File Read via CGExtensions Module
CVSS 7.5
CVE-2019-19877
MEDIUM
B&R Industrial Automation APROL < R4.2 - Path Traversal in AprolSqlServer
CVSS 5.3
CVE-2019-17640
CRITICAL
Eclipse Vert.x 3.4.0-3.9.4 - Path Traversal via StaticHandler on Windows
CVSS 9.8
CVE-2019-20916
HIGH
pip < 19.2 - Directory Traversal via Content-Disposition Header
CVSS 7.5
CVE-2019-4582
MEDIUM
IBM Maximo Asset Management <7.6.1 - Path Traversal
CVSS 4.3
CVE-2019-20851
CRITICAL
Mattermost Mobile Apps < 1.26.0 - Path Traversal and Arbitrary File Write via Video Preview Feature
CVSS 9.1
CVE-2019-16384
MEDIUM
Cybele Thinfinity VirtualUI <2.5.17.2 - Path Traversal
CVSS 6.5
CVE-2019-17572
MEDIUM
Apache RocketMQ 4.2.0-4.6.0 - Path Traversal via Automatic Topic Creation
CVSS 5.3
CVE-2019-18871
HIGH
Blaauw Remote Kiln Control <v3.00r4 - Path Traversal
CVSS 8.8
CVE-2019-18870
MEDIUM
Blaauw Remote Kiln Control <v3.00r4 - Path Traversal
CVSS 6.5
CVE-2019-19102
MEDIUM
B&R Automation Studio <4.2.x - Path Traversal
CVSS 5.5
CVE-2019-19486
MEDIUM
Centreon < 19.04.4 - Path Traversal via minPlayCommand.php Plugin Test
CVSS 6.5
CVE-2019-16064
CRITICAL
NETSAS Enigma NMS <65.0.0 - Path Traversal
CVSS 9.6
CVE-2019-13195
HIGH
Kyocera ECOSYS M5526cdw Firmware 2R7_2000.001.701 - Unauthenticated Path Traversal
CVSS 7.5
CVE-2019-12182
CRITICAL
Safescan Timemoto & TA-8000 <1.0 - Path Traversal
CVSS 9.8
CVE-2019-19297
HIGH
SiNVR/SiVMS Video Server < V5.0.0 - Path Traversal
CVSS 7.5
CVE-2019-19296
MEDIUM
SiNVR/SiVMS Video Server < V5.0.0 - Path Traversal
CVSS 6.8
CVE-2019-19290
MEDIUM
Control Center Server < V1.5.0 - Path Traversal
CVSS 6.5
CVE-2019-3696
HIGH
pcp < 3.11.9-5.8.1 - Path Traversal and Arbitrary File Write
CVSS 8.4
CVE-2019-7007
HIGH
Avaya Equinox <R9.1.9.0 - Path Traversal
CVSS 7.5
CVE-2019-4674
MEDIUM
IBM Security Identity Manager <7.0.1 - Path Traversal
CVSS 4.9
CVE-2019-19893
HIGH
IXP EasyInstall 6.2.13723 - Unauthenticated Path Traversal via Engine Service
CVSS 7.5
CVE-2019-19834
HIGH
Ruckus Wireless Unleashed < 200.7.10.202.94 - Path Traversal via CLI Script Exec Parameter
CVSS 7.2
Details
Vulnerabilities: 9,261
Exploit Likelihood: High