CWE-22
High likelihoodImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
9,275 vulnerabilities with CWE-22
CVE-2017-16859
MEDIUM
Atlassian Crucible and Fisheye < 4.3.2, 4.4.0-4.4.3 - Path Traversal via Review Attachment Command Parameter
CVSS 6.5
CVE-2017-17309
HIGH
Huawei HG255s-10 V100R001C163B025SP02 - Unauthenticated Path Traversal
CVSS 7.5
CVE-2017-5381
HIGH
Firefox < 51.0 - Path Traversal via Certificate Viewer Export Function
CVSS 7.5
CVE-2017-16223
HIGH
nodeaaaaa 1.0.0-1.2.9 - Path Traversal via URL
CVSS 7.5
CVE-2017-16222
MEDIUM
elding - Path Traversal via URL Manipulation
CVSS 5.3
CVE-2017-16221
HIGH
yzt - Path Traversal via URL Manipulation
CVSS 7.5
CVE-2017-16220
HIGH
wind-mvc - Path Traversal via URL Manipulation
CVSS 7.5
CVE-2017-16219
HIGH
yttivy - Path Traversal via URL Parameter
CVSS 7.5
CVE-2017-16218
HIGH
dgard8.lab6 - Path Traversal via URL Parameter
CVSS 7.5
CVE-2017-16217
HIGH
fbr-client - Path Traversal via URL Parameter
CVSS 7.5
CVE-2017-16216
HIGH
tencent-server - Path Traversal via URL
CVSS 7.5
CVE-2017-16215
HIGH
sgqserve - Path Traversal via URL Manipulation
CVSS 7.5
CVE-2017-16214
HIGH
peiserver - Path Traversal via URL Manipulation
CVSS 7.5
CVE-2017-16213
HIGH
mfrserver - Path Traversal via URL
CVSS 7.5
CVE-2017-16212
HIGH
ltt - Path Traversal via URL Manipulation
CVSS 7.5
CVE-2017-16211
HIGH
lessindex - Path Traversal via URL Parameter
CVSS 7.5
CVE-2017-16210
HIGH
jn_jj_server - Path Traversal via URL Manipulation
CVSS 7.5
CVE-2017-16209
HIGH
enserver - Path Traversal via URL Manipulation
CVSS 7.5
CVE-2017-16208
HIGH
dmmcquay.lab6 - Path Traversal via URL Parameter
CVSS 7.5
CVE-2017-16201
HIGH
zjjserver - Path Traversal via URL Manipulation
CVSS 7.5
CVE-2017-16200
HIGH
uv-tj-demo - Path Traversal via URL Manipulation
CVSS 7.5
CVE-2017-16199
HIGH
susu-sum - Path Traversal via URL Manipulation
CVSS 7.5
CVE-2017-16198
HIGH
ritp - Path Traversal via URL Parameter
CVSS 7.5
CVE-2017-16197
HIGH
qinserve - Path Traversal via URL Parameter
CVSS 7.5
CVE-2017-16196
HIGH
quickserver - Path Traversal via URL Parameter
CVSS 7.5
Details
Vulnerabilities
9,275
Exploit Likelihood
High