CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,302 vulnerabilities with CWE-22
CVE-2008-2185
SMartBlog 1.3 - Path Traversal via Page Parameter
CVE-2008-2116
ScriptsEZ.net Power Editor 2.0 - Path Traversal via te and dir Parameters
CVE-2008-2091
KubeLabs Kubelance 1.6.4 - Path Traversal via IPN i Parameter
CVE-2008-2081
Siteman 2.0.x2 - Authenticated Path Traversal via Module Parameter
CVE-2008-2073
vlbook 1.21 - Path Traversal via l Parameter
CVE-2008-2076
ActualScripts ActualAnalyzer Lite 2.78 - Remote File Inclusion via Admin.php Style Parameter
CVE-2008-2045
SugarCRM 4.5.1 and 5.0.0 - Path Traversal via URL Parameter in Feed.php
CVE-2008-2015
WatchFire AppScan 7.0 - Path Traversal
CVE-2008-2017
Chilek Content Management System <2.0.4 - Path Traversal
CVE-2008-1962
Aterr 0.9.1 - Path Traversal via Class or File Parameter
CVE-2008-1933
Zune Software - Path Traversal and Arbitrary File Write via SaveToFile Method
CVE-2008-1908
cpCommerce 1.1.0 - Path Traversal via Language or Action Parameter
CVE-2008-1891
Ruby <1.8.4-1.9.0-2 - Path Traversal
CVE-2008-1884
Wikepage Opus 13 2007.2 - Path Traversal
CVE-2008-1885
NeffyLauncher 1.0.5 - Path Traversal
CVE-2008-1861
exbb_italia < 0.2.2 - Remote File Inclusion via exbb[default_lang] Parameter
CVE-2008-1856
LinPHA <= 1.3.3 - Unauthenticated Directory Traversal and Arbitrary File Execution via Maps Configuration
CVE-2008-1857
Make our Life Easy Mole <2.1.0 - Path Traversal
CVE-2008-0068
HP OpenView Network Node Manager 7.01, 7.51, 7.53 - Path Traversal via Action Parameter
CVE-2008-1849
Mambo/Joomla! <1.6.2 - Path Traversal
CVE-2008-1798
Dragoon 0.1 - Path Traversal via cal[lng] Parameter
CVE-2008-1799
sabros.us 1.75 - Path Traversal via thumbnails.php img Parameter
CVE-2008-1751
Ksemail - Path Traversal via Language Parameter
CVE-2008-1755
World of Phaos 4.0.1 - Path Traversal
CVE-2008-1730
ARWScripts Gallery Script Lite - Path Traversal
Details
Vulnerabilities 9,302
Exploit Likelihood High