CWE-22
High likelihood
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
9,286 vulnerabilities with CWE-22
CVE-2015-1847
HIGH
appserver < 1.0.2 - Path Traversal via Crafted URL
CVSS 7.5
CVE-2015-3297
HIGH
Etherpad 1.1.1-1.5.2 - Path Traversal via Minify.js Path Parameter
CVSS 7.5
CVE-2015-7780
MEDIUM
ManageEngine Firewall Analyzer <8.0 - Path Traversal
CVSS 6.5
CVE-2015-8235
HIGH
call-cc spiffy < 5.4 - Path Traversal
CVSS 7.5
CVE-2015-7888
HIGH
Samsung S6 Edge LRX22G.G925VVRU1AOE2 - Path Traversal
CVSS 7.5
CVE-2015-5473
CRITICAL
Samsung SyncThru 6 <1.0 - Path Traversal
CVSS 9.8
CVE-2015-0269
MEDIUM
Contao < 3.2.19 and 3.4.0-3.4.3 - Authenticated Path Traversal
CVSS 4.3
CVE-2015-1834
MEDIUM
Cloudfoundry Cf-release < 207 - Path Traversal
CVSS 6.5
CVE-2015-5609
CRITICAL
WordPress Image Export <1.1 - Path Traversal
CVSS 9.1
CVE-2015-5469
HIGH
MDC YouTube Downloader <2.1.0 - Path Traversal
CVSS 7.5
CVE-2015-5468
HIGH
WP e-Commerce Shop Styling <2.6 - Path Traversal
CVSS 7.5
CVE-2015-4704
HIGH
Download Zip Attachments 1.0 - Path Traversal via File Parameter
CVSS 7.5
CVE-2015-7245
HIGH
D-Link DVG-N5402SP Firmware W1000CN-00, W1000CN-03, W2000EN-00 - Path Traversal via Errorpage Parameter
CVSS 7.5
CVE-2015-0107
MEDIUM
IBM Maximo Asset Management 7.1-7.1.1.8, 7.5 < 7.5.0.7 IFIX003, 7.6 < 7.6.0.0 IFIX002 - Authenticated Path Traversal
CVSS 6.5
CVE-2015-8780
MEDIUM
Samsung Kies < 2015-10-30 - Path Traversal via Kies Restore
CVSS 6.4
CVE-2015-8283
MEDIUM
SeaWell Networks Spectrum SDC <2.05.00 - Path Traversal
CVSS 6.5
CVE-2015-7270
HIGH
Dell Integrated Remote Access Controller Firmware < 2.20.20.20 - Path Traversal
CVSS 7.8
CVE-2015-8309
MEDIUM
Cherry Music <0.36.0 - Path Traversal
CVSS 4.3
CVE-2015-1000006
HIGH
recent-backups v0.7 - Path Traversal
CVSS 7.5
CVE-2015-1000005
HIGH
Candidate Application Form <1.0 - RCE
CVSS 7.5
CVE-2015-8799
HIGH
Symantec Critical System Protection < 5.2.9 - Authenticated Path Traversal and Arbitrary File Write
CVSS 7.6
CVE-2015-8798
HIGH
Symantec Critical System Protection < 5.2.9 - Authenticated Path Traversal
CVSS 8.0
CVE-2015-5313
LOW
libvirt - Path Traversal via Volume Name
CVSS 2.5
CVE-2015-5345
MEDIUM
Apache Tomcat <6.0.45-9.0.0.M2 - Info Disclosure
CVSS 5.3
CVE-2015-5174
MEDIUM
Apache Tomcat 6.x < 6.0.45, 7.x < 7.0.65, 8.x < 8.0.27 - Directory Traversal via Slash Dot Dot
CVSS 4.3