CWE-22
High likelihoodImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
9,302 vulnerabilities with CWE-22
CVE-2008-1702
e107 my_gallery 2.3 - Absolute Path Traversal via dload.php file Parameter
CVE-2008-1696
DaZPHPNews 0.1-1 - Path Traversal via makepost.php prefixdir Parameter
CVE-2008-0310
SCO UnixWare 7.1.4 - Local Path Traversal via PKGINST Environment Variable
CVE-2008-1620
2X TFTP service <3.2.0.0 - Path Traversal
CVE-2008-1624
Jshop Server 1.x-2.x - Remote File Inclusion via xPage Parameter
CVE-2008-1635
Keep It Simple Guest Book <5.1.1 - Path Traversal
CVE-2008-1642
Sava's GuestBook 2.0 - Path Traversal
CVE-2008-1643
LANDesk Management Suite <8.7.5-8.8 - Path Traversal
CVE-2008-1645
phpSpamManager 0.53 beta - Path Traversal
CVE-2008-1651
EasyNews 4.0 - Path Traversal via Lang Parameter
CVE-2008-1652
Perlbal <1.70 - Path Traversal
CVE-2008-1653
Sava's Link Manager 2.0 - Path Traversal
CVE-2008-1606
Elastic Path <4.1-4.1.1 - Path Traversal
CVE-2008-1564
Dan Costin File Transfer <1.2f - Path Traversal
CVE-2008-1565
phpBB PJIRC Module 0.5 - Remote File Inclusion via phpEx Parameter
CVE-2008-1553
TopperMod 1.0 - Path Traversal via 'to' Parameter in mod.php
CVE-2008-1555
BolinOS 4.6.1 - Remote File Inclusion via _bFileToInclude Parameter
CVE-2008-1534
PowerPHPBoard 1.00b - Path Traversal
CVE-2008-1537
PowerScripts PowerBook 1.21 - Path Traversal
CVE-2008-1541
HIS Webshop 2.50 - Path Traversal via t Parameter
CVE-2008-1512
XS-Mod 2.3.1, 2.4.0 - Path Traversal
CVE-2008-1493
Cuteflow Bin <1.5.0 - Path Traversal
CVE-2008-1400
MG-SOFT Net Inspector <6.5.0.828 - Path Traversal
CVE-2008-1409
Exero CMS 1.0.1 - Path Traversal via Theme Parameter
CVE-2008-1410
Acronis Snap Deploy <2.0.0.1076 - Path Traversal
Details
Vulnerabilities
9,302
Exploit Likelihood
High