CWE-22
High likelihood
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
9,290 vulnerabilities with CWE-22
CVE-2010-4154
FTP Voyager 15.2.0.11 - Path Traversal via FTP Filename
CVE-2010-4153
CrossFTP Pro < 1.65a - Path Traversal and Arbitrary File Write via FTP Filename
CVE-2010-4149
Fresh FTP 5.36-5.37 - Path Traversal and Arbitrary File Write via Dot Dot Backslash
CVE-2010-4148
AnyConnect < 1.2.3.0 - Path Traversal via FTP Filename
CVE-2010-3842
curl 7.20.0-7.21.1 - Path Traversal via Content-Disposition Header with Backslash Separator
CVE-2010-4095
Robo-FTP < 3.7.5 - Path Traversal via FTP Server Response Filename
CVE-2010-3743
Visual Synapse HTTP Server <= 0.60 - Path Traversal via URI
CVE-2010-2797
CMS Made Simple <1.8.1 - Path Traversal
CVE-2010-3692
phpCAS < 1.1.3 - Path Traversal via PGTiou Parameter
CVE-2010-3688
NetArtMEDIA WebSiteAdmin - Path Traversal via ADMIN/login.php lng Parameter
CVE-2010-3468
Mura CMS <5.1.498-5.2.2809 & Sava CMS 5-5.2 - Path Traversal
CVE-2010-3490
FreePBX < 2.8.0 - Authenticated Path Traversal and Arbitrary File Write via System Recordings Component
CVE-2010-3606
NetArt MEDIA Real Estate Portal 2.0 - Path Traversal via Folder or Action Parameter
CVE-2010-3306
Weborf < 0.12.3 - Path Traversal via URI ..%2f Sequences
CVE-2010-3261
RSA Authentication Agent <7.0 - Path Traversal
CVE-2010-3488
QuickShare 1.0 - Path Traversal via Triple Dot URL Encoding
CVE-2010-3487
YelloSoft Pinky 1.0 - Path Traversal
CVE-2010-3486
SmarterMail 7.1.3876 - Path Traversal
CVE-2010-3480
ApPHP PHP MicroCMS 1.0.1 - Path Traversal
CVE-2010-3460
AXIGEN Mail Server 7.4.1 - Path Traversal
CVE-2010-3456
EnergyScripts Simple Download 1.0 - Path Traversal
CVE-2010-3426
JPhone <1.0 Alpha 3 - Path Traversal
CVE-2010-0154
IBM Proventia Network Mail Security System Path Traversal via LMI sla/index.php
CVE-2010-3203
com_picsell 1.0 - Path Traversal via dflink Parameter
CVE-2010-3104
DeskShare AutoFTP Manager <4.31 - Path Traversal
Details
Vulnerabilities: 9,290
Exploit Likelihood: High