CWE-22
High likelihoodImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
9,291 vulnerabilities with CWE-22
CVE-2010-1466
openUrgence Vaccin 1.03 - Path Traversal
CVE-2010-1462
WebAsyst Shop-Script FREE - Path Traversal
CVE-2010-1461
Joomla! com_photobattle 1.0.1 - Path Traversal
CVE-2010-0481
MEDIUM
Microsoft Windows Vista, Server 2008, and 7 - Denial of Service via Registry Key Virtual Path Parsing
CVSS 5.5
CVE-2010-1354
Joomla! VJDEO <1.0.1 - Path Traversal
CVE-2010-1353
wowjoomla com_loginbox - Path Traversal via View Parameter
CVE-2010-1352
JOOFORGE Jutebox <1.7 - Path Traversal
CVE-2010-1345
Cookex Agency CKForms <1.3.3 - Path Traversal
CVE-2010-1340
J!Research (com_jresearch) - Path Traversal via Controller Parameter
CVE-2010-1315
com_weberpcustomer 1.2.1 and 1.x before 1.06.02 - Path Traversal via Controller Parameter
CVE-2010-1314
Highslide JS <2.0.9 - Path Traversal
CVE-2010-1313
Seber Cart <1.0.0.12-1.0.0.13 - Path Traversal
CVE-2010-1312
iJoomla News Portal <1.5.x - Path Traversal
CVE-2010-1309
Irmin CMS <0.6 BETA2 - Path Traversal
CVE-2010-1308
Joomla! com_svmap 1.1.1 - Path Traversal
CVE-2010-1307
com_joomlaupdater - Path Traversal via Controller Parameter
CVE-2010-1306
com_joomlapicasa2 2.0 and 2.0.5 - Path Traversal via Controller Parameter
CVE-2010-1305
Joomla! com_jinventory <1.26.03 - Path Traversal
CVE-2010-1304
Joomla! com_userstatus <1.21.16 - Path Traversal
CVE-2010-1302
Joomla! com_dwgraphs 1.0 - Path Traversal
CVE-2010-1298
Pulse CMS 1.2.2 - Path Traversal via f Parameter
CVE-2010-1268
justVisual CMS 2.0 - Path Traversal
CVE-2010-1267
WebMaid CMS <0.2-6 - Path Traversal
CVE-2010-1219
JA News (com_janews) 1.0 - Path Traversal
CVE-2010-1217
JE Form Creator - Unauthenticated Directory Traversal via View Parameter
Details
Vulnerabilities
9,291
Exploit Likelihood
High