CWE-22
High likelihood
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
9,261 vulnerabilities with CWE-22
CVE-2019-19790
CRITICAL
Telerik UI for ASP.NET AJAX RadChart - Path Traversal and Arbitrary File Read/Delete via Image Handler
CVSS 9.8
CVE-2019-5251
MEDIUM
Huawei Smartphone Firmware - Path Traversal via Malicious Application Backup
CVSS 5.5
CVE-2019-16777
HIGH
npm < 6.13.4 - Arbitrary File Overwrite via Global Binary Installation
CVSS 7.7
CVE-2019-16776
HIGH
npm < 6.13.3 - Arbitrary File Write via package.json bin Field
CVSS 7.7
CVE-2019-18338
HIGH
SINVR 3 Central Control Server < V1.5.0 - Authenticated Path Traversal via XML Communication Protocol
CVSS 7.7
CVE-2019-13944
MEDIUM
Siemens EN100 Ethernet Module - Unauthenticated Path Traversal via Web Server
CVSS 5.3
CVE-2019-16246
CRITICAL
Intesync Solismed 3.3sp1 - Unauthenticated Local File Inclusion and Remote Code Execution
CVSS 9.8
CVE-2019-15931
CRITICAL
Intesync Solismed 3.3sp - Path Traversal
CVSS 9.8
CVE-2019-19374
CRITICAL
Squiz Matrix CMS <5.5.0.3-5.5.3.3 - Info Disclosure
CVSS 9.1
CVE-2019-19683
CRITICAL
nopCommerce 4.2.0 - Path Traversal via RoxyFileman ProcessRequest
CVSS 9.1
CVE-2019-14251
HIGH
Temenos Channels R15.01 - Path Traversal
CVSS 7.5
CVE-2019-7195
CRITICAL
KEV
QNAP Photo Station - Path Traversal
CVSS 9.8
CVE-2019-7194
CRITICAL
KEV
QNAP Photo Station - Path Traversal
CVSS 9.8
CVE-2019-19229
MEDIUM
Fronius Solar Inverter <3.14.1 - Path Traversal
CVSS 6.5
CVE-2019-19459
CRITICAL
SALTO ProAccess SPACE 5.4.3.0 - Code Injection
CVSS 9.8
CVE-2019-19458
HIGH
SALTO ProAccess SPACE <5.4.3.0 - Path Traversal
CVSS 8.6
CVE-2019-18922
HIGH
Allied Telesis AT-GS950/8 - Path Traversal
CVSS 7.5
CVE-2019-19372
HIGH
rConfig < 3.9.3 - Path Traversal via downloadFile.php
CVSS 7.5
CVE-2019-18253
CRITICAL
Relion 670 Series < 1p1r26 - Path Traversal via Specially Crafted Paths
CVSS 10.0
CVE-2019-10220
HIGH
Linux kernel <4.9.0 - Path Traversal
CVSS 8.8
CVE-2019-16765
HIGH
Microsoft CodeQL < 1.0.1 - Arbitrary Code Execution via Workspace Directory Traversal
CVSS 7.4
CVE-2019-17406
MEDIUM
Nokia IMPACT < 18a - Path Traversal
CVSS 5.3
CVE-2019-17404
MEDIUM
Nokia IMPACT < 18a - Path Traversal
CVSS 4.3
CVE-2019-13157
HIGH
Naver Vaccine 2.1.4 - Path Traversal and Arbitrary File Write via nsz Archive Filename
CVSS 7.5
CVE-2019-16758
HIGH
Lexmark Services Monitor <2.27.4.0.39 - Path Traversal
CVSS 7.5
Details
Vulnerabilities: 9,261
Exploit Likelihood: High