CWE-22
High likelihoodImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
9,280 vulnerabilities with CWE-22
CVE-2017-16107
HIGH
pooledwebsocket < 0.0.18 (npm < 0.0.19) - Path Traversal via URL Manipulation
CVSS 7.5
CVE-2017-16106
HIGH
tmock - Path Traversal via URL Parameter
CVSS 7.5
CVE-2017-16105
HIGH
serverwzl - Path Traversal via URL Manipulation
CVSS 7.5
CVE-2017-16104
HIGH
citypredict.whauwiller - Path Traversal via URL Parameter
CVSS 7.5
CVE-2017-16103
HIGH
serveryztyzt - Path Traversal via URL Parameter
CVSS 7.5
CVE-2017-16102
HIGH
serverhuwenhui - Path Traversal via URL Manipulation
CVSS 7.5
CVE-2017-16101
HIGH
serverwg - Path Traversal via URL Parameter
CVSS 7.5
CVE-2017-16097
HIGH
tiny-http - Path Traversal via URL Parameter
CVSS 7.5
CVE-2017-16096
HIGH
serveryaozeyan - Path Traversal via URL Manipulation
CVSS 7.5
CVE-2017-16095
HIGH
serverliujiayi1 - Path Traversal via URL
CVSS 7.5
CVE-2017-16094
HIGH
iter-http - Path Traversal via URL Parameter
CVSS 7.5
CVE-2017-16093
HIGH
cyber-js - Path Traversal via URL Manipulation
CVSS 7.5
CVE-2017-16092
HIGH
sencisho - Path Traversal via URL
CVSS 7.5
CVE-2017-16091
HIGH
xtalk >= 0.0.2 - Path Traversal via URL Manipulation
CVSS 7.5
CVE-2017-16090
HIGH
fsk-server - Path Traversal via URL Parameter
CVSS 7.5
CVE-2017-16089
HIGH
serverlyr - Path Traversal via URL Manipulation
CVSS 7.5
CVE-2017-16085
HIGH
tinyserver2 < 0.6.0 - Path Traversal via URL
CVSS 7.5
CVE-2017-16084
HIGH
list-n-stream < 0.0.10 - Path Traversal via URL Manipulation
CVSS 7.5
CVE-2017-16083
HIGH
node-simple-router < 0.10.0 - Path Traversal via URL
CVSS 7.5
CVE-2017-16039
HIGH
hftp - Path Traversal via URL Parameter
CVSS 7.5
CVE-2017-16038
HIGH
f2e-server < 1.12.11 - Path Traversal via URL Manipulation
CVSS 7.5
CVE-2017-16037
HIGH
gomeplus-h5-proxy - Path Traversal via URL Parameter
CVSS 7.5
CVE-2017-16036
HIGH
badjs-sourcemap-server - Path Traversal via URL Manipulation
CVSS 7.5
CVE-2017-16029
HIGH
hostr < 2.3.5 - Path Traversal via URL Path
CVSS 7.5
CVE-2017-0930
MEDIUM
augustine - Path Traversal via URL Parameter
CVSS 6.5
Details
Vulnerabilities
9,280
Exploit Likelihood
High