CWE-22
High likelihoodImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
9,291 vulnerabilities with CWE-22
CVE-2009-5067
html2ps < 1.0b6 - Path Traversal via SSI Include File Directive
CVE-2009-5114
iwork WebGlimpse < 2.18.7 - Path Traversal via DOC Parameter
CVE-2009-5093
Php4scripte Gastebuch - Path Traversal
CVE-2009-5089
IdeaCart 0.02 and 0.02a - Path Traversal via Page Parameter
CVE-2009-5087
Geovision Digital Video Surveillance System 8.2 - Path Traversal via GET Request
CVE-2009-4986
In-Portal 4.3.1 - Path Traversal via Env Parameter
CVE-2009-4978
MyBackup 1.4.0 - Path Traversal via Filename Parameter
CVE-2009-4896
mlmmj 1.2.15-1.2.17 - Authenticated Path Traversal and Arbitrary File Manipulation via List Name Parameter
CVE-2009-4974
TotalCalendar 2.4 - Path Traversal via Box Parameter
CVE-2009-4960
Lanai Core 0.6 - Path Traversal via Download Module f Parameter
CVE-2009-4957
Interspire ActiveKB - Path Traversal via Panel Parameter
CVE-2009-4952
serge_gebhardt/dir_listing < 1.1.0 - Path Traversal
CVE-2009-4946
com_messaging < 1.5.0 - Path Traversal via Controller Parameter
CVE-2009-4886
phpCommunity 2 2.1.8 - Path Traversal via File or Path Parameter
CVE-2009-4816
The Uploader 2.0 - Path Traversal via Filename Parameter
CVE-2009-4815
Serv-U File Server < 9.2.0.1 - Authenticated Path Traversal
CVE-2009-4809
Easy File Sharing Web Server 4.8 - Path Traversal via vfolder Parameter
CVE-2009-4800
Sysax Multi Server 4.3 and 4.5 - Authenticated Path Traversal via DELE Command
CVE-2009-4790
Sysax Multi Server 4.5 - Path Traversal
CVE-2009-4740
Webesse E-Card <1.0.2 - Path Traversal
CVE-2009-4726
Quickdev 4 PHP - Path Traversal via Download File Parameter
CVE-2009-4725
Arab Portal < 2.2 - Remote File Inclusion via Module Parameter Path Traversal
CVE-2009-4723
Netpet CMS 1.9 - Path Traversal via Language Parameter
CVE-2009-4700
SkaDate Online Dating Software - Path Traversal via Layout Parameter
CVE-2009-4683
Good/Bad Vote <unknown> - Path Traversal
Details
Vulnerabilities
9,291
Exploit Likelihood
High