CWE-22
High likelihoodImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
9,293 vulnerabilities with CWE-22
CVE-2008-6129
moziloWiki < 1.0.1 - Path Traversal via Print.php Page Parameter
CVE-2008-6126
moziloCMS <= 1.10.2 - Path Traversal via Download and Index Page Parameters
CVE-2008-6112
Ez Ringtone Manager - Path Traversal
CVE-2008-6090
ScriptsEz Mini Hosting Panel - Path Traversal
CVE-2008-6089
ScriptsEz Easy Image Downloader - Path Traversal
CVE-2008-6083
TXTshop beta 1.0 - Path Traversal via Language Parameter
CVE-2008-6080
com_ionfiles 4.4.2 - Path Traversal via File Parameter
CVE-2008-6074
phpcrs < 2.06 - Remote File Inclusion via ImportFunction Parameter
CVE-2008-4419
HP 9200c Digital Sender < 20081211_09.131.1 - Path Traversal
CVE-2008-6025
OpenElec < 3.01 - Remote Code Execution via Path Traversal in scr/form.php
CVE-2008-6018
MyPHPSite - Path Traversal via Mod Parameter
CVE-2008-6012
Pritlog < 0.4 - Unauthenticated Path Traversal via Filename Parameter
CVE-2008-6010
SG Real Estate Portal 2.0 - Path Traversal
CVE-2008-6002
web-cp 0.5.7 - Path Traversal via sendfile.php filelocation Parameter
CVE-2008-5997
Omnicom Content Platform (OCP) 2.0 - Path Traversal
CVE-2008-5993
Barcode Generator 1D <2.0.0 - Path Traversal
CVE-2008-5991
MailWatch for MailScanner < 1.0.4 - Remote File Inclusion via docs.php doc Parameter
CVE-2008-5990
emergecolab 1.0 - Path Traversal via Sitecode Parameter
CVE-2008-5989
phpcounter < 1.3.2 - Path Traversal via l Parameter
CVE-2008-5968
PHP iCalendar <2.24 - Path Traversal
CVE-2008-5965
LokiCMS <= 0.3.4 - Path Traversal via Page Parameter
CVE-2008-5962
Gravity GTD <0.4.5 - Path Traversal
CVE-2008-5953
KTP Computer Customer Database - Remote File Inclusion via Path Traversal in p Parameter
CVE-2008-5948
BNCwi < 1.04 - Remote File Inclusion via Newlanguage Parameter
CVE-2008-5943
NavBoard 16 (2.6.0) - Path Traversal
Details
Vulnerabilities
9,293
Exploit Likelihood
High