CWE-22
High likelihood
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
9,285 vulnerabilities with CWE-22
CVE-2016-7552
CRITICAL
Trend Micro Threat Discovery Appliance 2.6.1062r1 - Path Traversal & File Deletion via Session ID
CVSS 9.8
CVE-2016-4320
MEDIUM
Atlassian Bitbucket Server <4.7.1 - Path Traversal
CVSS 4.3
CVE-2016-10048
HIGH
ImageMagick 6.9.4-7 - Path Traversal
CVSS 7.5
CVE-2016-7135
MEDIUM
Plone 4.2.x-4.3.11 5.x-5.0.6 - Directory Traversal via Theme Resource Editor
CVSS 4.9
CVE-2016-9164
HIGH
CA Unified Infrastructure Management <8.4 SP1 - Path Traversal
CVSS 7.5
CVE-2016-4314
MEDIUM
WSO2 Carbon 4.4.5 - Authenticated Path Traversal via LogViewer Admin Service LogFile Parameter
CVSS 4.9
CVE-2016-9364
HIGH
Fidelix FX-20 <11.50.19 - Path Traversal
CVSS 7.5
CVE-2016-9357
MEDIUM
Eaton ePDUs <June 30, 2015 - Path Traversal
CVSS 5.3
CVE-2016-9351
HIGH
Advantech SUISAccess Server <3.0 - Path Traversal
CVSS 7.0
CVE-2016-9339
MEDIUM
INTERSCHALT Maritime Systems VDR G4e <5.220 - Path Traversal
CVSS 5.3
CVE-2016-5803
HIGH
CA Unified Infrastructure Management <8.47 - Path Traversal
CVSS 8.6
CVE-2016-4987
MEDIUM
Jenkins Image Gallery < 1.4 - Path Traversal
CVSS 6.5
CVE-2016-4986
HIGH
Jenkins Tap < 1.25 - Path Traversal
CVSS 7.5
CVE-2016-8211
HIGH
EMC Data Protection Advisor <6.2.3 - Path Traversal
CVSS 7.5
CVE-2016-8933
MEDIUM
IBM Kenexa LMS on Cloud - Path Traversal via Dot Dot Sequences
CVSS 6.5
CVE-2016-5941
MEDIUM
IBM Kenexa LMS on Cloud - Path Traversal via Dot Dot Sequences
CVSS 5.7
CVE-2016-8913
MEDIUM
IBM Kenexa LMS on Cloud <13.2.4 - Path Traversal
CVSS 6.5
CVE-2016-6126
MEDIUM
IBM Kenexa LMS on Cloud <13.2.4 - Path Traversal
CVSS 6.5
CVE-2016-10173
HIGH
minitar < 0.6 and archive-tar-minitar < 0.5.2 - Path Traversal via TAR Archive Entry
CVSS 7.5
CVE-2016-6269
CRITICAL
Trend Micro Smart Protection Server <3.0.1330 - Path Traversal
CVSS 9.1
CVE-2016-10184
HIGH
D-Link DWR-932B Firmware - Path Traversal via qmiweb
CVSS 7.5
CVE-2016-10183
HIGH
D-Link DWR-932B Firmware - Path Traversal via qmiweb Directory Listing
CVSS 7.5
CVE-2016-7569
MEDIUM
docker2aci < 0.13.0 - Path Traversal and Arbitrary File Write via Embedded Layer Data
CVSS 5.5
CVE-2016-6601
HIGH
ZOHO WebNMS Framework <5.2-5.2 SP1 - Path Traversal
CVSS 7.5
CVE-2016-6600
CRITICAL
ZOHO WebNMS Framework <5.2-5.2 SP1 - Path Traversal
CVSS 9.8
Details
Vulnerabilities: 9,285
Exploit Likelihood: High