CWE-22
High likelihoodImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
9,271 vulnerabilities with CWE-22
CVE-2018-12560
MEDIUM
Cantata < 2.3.1 - Unauthenticated Arbitrary Unmount via Directory Traversal
CVSS 6.5
CVE-2018-12559
HIGH
Cantata < 2.3.1 - Path Traversal via D-Bus Mount Target
CVSS 8.8
CVE-2018-12530
MEDIUM
MetInfo 6.0.0 - Unauthenticated Path Traversal and Arbitrary File Deletion via CSV Import Filename Parameter
CVSS 6.5
CVE-2018-5755
MEDIUM
Open-Xchange OX App Suite <7.6.3-rev3-7.8.4-rev4 - Path Traversal
CVSS 5.5
CVE-2018-12494
MEDIUM
PublicCMS V4.0.20180210 - Path Traversal
CVSS 6.5
CVE-2018-12493
MEDIUM
PublicCMS V4.0.20180210 - Path Traversal
CVSS 6.5
CVE-2018-0496
HIGH
DFArc and DFArc2 < 3.14 - Path Traversal and Arbitrary File Write via D-Mod Extractor
CVSS 7.5
CVE-2018-1103
MEDIUM
Openshift Enterprise <1.1.10 - Code Injection
CVSS 6.1
CVE-2018-12054
HIGH
PHP Scripts Mall Schools Alert Mgt - Path Traversal
CVSS 7.5
CVE-2018-12053
HIGH
PHP Scripts Mall Schools Alert Mgmt - Path Traversal
CVSS 7.5
CVE-2018-3758
HIGH
express-cart < 1.1.7 - Authenticated Path Traversal and Remote Code Execution
CVSS 8.8
CVE-2018-12042
HIGH
Roxy Fileman <v1.4.5 - Path Traversal
CVSS 7.5
CVE-2018-12036
HIGH
OWASP Dependency-Check <3.2.0 - Path Traversal
CVSS 7.8
CVE-2018-12031
CRITICAL
Eaton Intelligent Power Manager <1.6 - Path Traversal
CVSS 9.8
CVE-2018-0296
HIGH
KEV
Cisco ASA & FTD - Unauthenticated DoS & Info Disclosure via HTTP URL
CVSS 7.5
CVE-2018-3732
HIGH
resolve-path < 1.4.0 - Path Traversal via Special Character Bypass
CVSS 7.5
CVE-2018-3731
HIGH
public.js < 0.1.3 - Path Traversal via filePath Parameter
CVSS 7.5
CVE-2018-3730
HIGH
mcstatic - Path Traversal via filePath Parameter
CVSS 7.5
CVE-2018-3729
HIGH
localhost-now < 1.0.2 - Path Traversal via File Path Validation Bypass
CVSS 7.5
CVE-2018-3727
HIGH
626 - Path Traversal via File Parameter
CVSS 7.5
CVE-2018-3725
HIGH
hekto < 0.2.3 - Path Traversal via File Parameter
CVSS 7.5
CVE-2018-3724
HIGH
general-file-server - Path Traversal via currpath Parameter
CVSS 7.5
CVE-2018-3715
MEDIUM
glance < 3.0.4 - Path Traversal via Unvalidated Path Input
CVSS 6.5
CVE-2018-3714
MEDIUM
node-srv < 2.1.1 - Path Traversal via URL Parameter
CVSS 6.5
CVE-2018-3713
MEDIUM
angular-http-server < 1.6.0 - Path Traversal via possibleFilename
CVSS 6.5
Details
Vulnerabilities
9,271
Exploit Likelihood
High