CWE-22

Exploit likelihood: High

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,286 vulnerabilities with CWE-22
CVE ID          Severity  CVSS  Title
CVE-2015-8794   MEDIUM    6.5   Roundcube Webmail < 1.0.6 and 1.1.x < 1.1.2 - Authenticated Path Traversal via Contact Photo _alt Parameter
CVE-2015-8770   HIGH      7.5   Roundcube Webmail < 1.0.8 and 1.1.x < 1.1.4 - Authenticated Path Traversal via _skin Parameter
CVE-2015-6833   HIGH      7.5   PHP < 5.4.44, 5.5.x < 5.5.28, 5.6.x < 5.6.12 - Path Traversal and Arbitrary File Write via PharData extractTo
CVE-2015-4988   HIGH      8.6   IBM Tealeaf CX Path Traversal (8.7.1.8818, 8.8.0.9026, 9.0.0, 9.0.1.1083, 9.0.2.1095)
CVE-2015-5471   MEDIUM    5.3   Swim Team plugin <1.44.10777 - Path Traversal
CVE-2015-4703   MEDIUM    5.3   WordPress Rename Plugin 1.0 - Unauthenticated Path Traversal via mysqldump_download.php dumpfname Parameter
CVE-2015-4694   HIGH      8.6   Zip Attachments < 1.5 - Path Traversal via za_file Parameter
CVE-2015-2007   MEDIUM    5.0   IBM QRadar Security Information and Event Manager 7.2.x < 7.2.5 Patch 6 - Authenticated Path Traversal
CVE-2015-2875   HIGH      7.5   Seagate - Path Traversal
CVE-2015-7250   HIGH      7.5   ZTE ZXHN H108N R1A Firmware < ZTE.bhs.ZXHNH108NR1A.k_PE - Unauthenticated Path Traversal via getpage Parameter
CVE-2015-7907   HIGH      8.6   Honeywell Midas <1.13b3-2.13b3 - Path Traversal
CVE-2015-8565   -         -     Joomla! 3.2.0-3.3.x and 3.4.x < 3.4.6 - Directory Traversal
CVE-2015-8564   -         -     Joomla! 3.4.x - Directory Traversal via XML Install File in Extension Package
CVE-2015-8358   -         -     bitrix.mpbuilder < 1.0.11 - Authenticated Path Traversal via Work Array Parameter
CVE-2015-8357   -         -     bitrix.xscan < 1.0.3 - Authenticated Path Traversal via File Parameter
CVE-2015-6406   -         -     Cisco Emergency Responder 10.5(1.10000.5) - Authenticated Path Traversal and Arbitrary File Write via Tools Menu
CVE-2015-7037   -         -     iPhone OS < 9.2 - Path Traversal in Mobile Backup via Crafted Pathname
CVE-2015-5322   -         -     Jenkins <1.638-1.625.2 - Path Traversal
CVE-2015-8228   -         -     Huawei AR Firmware < V200R006SPH003 - Authenticated Path Traversal
CVE-2015-7815   -         -     Matomo < 2.14.3 - Remote Code Execution via ViewDataTable Parameter
CVE-2015-7254   -         -     Huawei HG532e, HG532n, and HG532s - Path Traversal via Icon URI
CVE-2015-5305   -         -     Red Hat OpenShift Enterprise 3.0 - Path Traversal and Arbitrary File Write via Crafted Object Type Name
CVE-2015-6500   -         -     ownCloud Server < 8.0.6 and 8.1.x < 8.1.1 - Authenticated Directory Traversal via dir Parameter
CVE-2015-1003   -         -     IniNet embeddedWebServer <2.02 - Path Traversal
CVE-2015-7006   -         -     Apple iOS <9.1, macOS <10.11.1, watchOS <2.0.1 - Remote Code Execution via Crafted CPIO Archive

(Severity and CVSS are shown only where the listing gives them; "-" marks an entry with no score listed.)
Details
Vulnerabilities: 9,286
Exploit likelihood: High