CWE-22
High likelihoodImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
9,285 vulnerabilities with CWE-22
CVE-2016-6517
CRITICAL
Liferay 5.1.0 - Path Traversal via minifierBundleDir Parameter
CVSS 9.8
CVE-2016-5725
MEDIUM
JCraft JSch <0.1.54 - Path Traversal
CVSS 5.9
CVE-2016-6896
HIGH
WordPress Traversal Directory DoS
CVSS 7.1
CVE-2016-7982
HIGH
SPIP < 3.1.2 - Path Traversal via var_url Parameter
CVSS 7.5
CVE-2016-2087
HIGH
HexChat 2.11.0 - Path Traversal via IRC Server Name
CVSS 7.4
CVE-2016-8207
HIGH
Brocade Network Advisor <14.0.2 - Path Traversal
CVSS 7.5
CVE-2016-8206
HIGH
Brocade Network Advisor <14.0.2 - Path Traversal
CVSS 7.5
CVE-2016-8205
CRITICAL
Brocade Network Advisor <14.0.2 - Path Traversal
CVSS 9.8
CVE-2016-8204
CRITICAL
Brocade Network Advisor <14.0.2 - Path Traversal
CVSS 9.8
CVE-2016-3151
HIGH
Barco ClickShare CSC-1, CSM-1, and CSE-200 Firmware - Path Traversal via Wallpaper Parsing
CVSS 7.5
CVE-2016-4323
LOW
Pidgin < 2.10.12 - Path Traversal and Arbitrary File Write via MXIT Protocol Splash Image
CVSS 3.7
CVE-2016-7169
MEDIUM
WordPress < 4.6.1 - Authenticated Path Traversal via File_Upload_Upgrader urlholder Parameter
CVSS 6.3
CVE-2016-10106
MEDIUM
NETGEAR FVS336Gv3-FVS318N-SRX5308 - Path Traversal
CVSS 6.5
CVE-2016-9878
HIGH
Spring Framework < 3.2.18, 4.2.x < 4.2.9, 4.3.x < 4.3.5 - Path Traversal via ResourceServlet
CVSS 7.5
CVE-2016-7087
MEDIUM
VMware Horizon View 5.x-6.x - Directory Traversal
CVSS 5.3
CVE-2016-10039
HIGH
MODX Revolution <2.5.2-pl - Path Traversal
CVSS 7.3
CVE-2016-10038
HIGH
MODX Revolution <2.5.2-pl - Path Traversal
CVSS 7.3
CVE-2016-10037
HIGH
MODX Revolution <2.5.2-pl - Path Traversal
CVSS 7.3
CVE-2016-9950
HIGH
Apport < 2.20.4 - Path Traversal via Package Hook Fields
CVSS 7.8
CVE-2016-8827
MEDIUM
NVIDIA GeForce Experience <3.1.0.52 - Info Disclosure
CVSS 6.5
CVE-2016-9210
HIGH
Cisco Unified Reporting - Unauthenticated RCE
CVSS 7.5
CVE-2016-9208
MEDIUM
Cisco Emergency Responder <12.0.0 - Info Disclosure
CVSS 6.5
CVE-2016-9199
MEDIUM
Cisco IOx <15.2(6.0.57i)E - Info Disclosure
CVSS 6.5
CVE-2016-6614
MEDIUM
phpMyAdmin <4.6.4, <4.4.15.8, <4.0.10.17 - Path Traversal
CVSS 6.8
CVE-2016-7116
MEDIUM
QEMU < 2.6.2 - Path Traversal via Dot-Dot in 9pfs Export Path
CVSS 6.0
Details
Vulnerabilities
9,285
Exploit Likelihood
High