CWE-22
High likelihoodImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
9,303 vulnerabilities with CWE-22
CVE-2007-6290
SERWeb <2.0.0 dev1 - Path Traversal
CVE-2007-6268
Absolute News Manager.NET 5.1 - Path Traversal
CVE-2007-6230
Rayzz Script 2.0 - Path Traversal via CFG[site][project_path] Parameter
CVE-2007-6233
FTP Admin 0.1.0 - Authenticated Path Traversal via Page Parameter
CVE-2007-6212
KML share 1.1 - Path Traversal via Layer Parameter
CVE-2007-6213
WebED 0.0.9 - Path Traversal via Root and Path Parameters
CVE-2007-6214
LearnLoop <2.0 beta7 - Path Traversal
CVE-2007-6215
Web-MeetMe 3.0.3 - Path Traversal via play.php roomNo Parameter
CVE-2007-5742
Wesnoth 1.2.x < 1.2.8 and 1.3.x < 1.3.12 - Path Traversal via WML Engine Preprocessor
CVE-2007-6187
PHP Content Architect <1.2 - Path Traversal
CVE-2007-6188
TuMusika Evolution 1.7R5 - Path Traversal
CVE-2007-6184
Project Alumni 1.0.9 - Path Traversal
CVE-2007-6185
Eurologon CMS - Path Traversal via File Parameter in Users/Files.php
CVE-2007-5960
Mozilla Firefox <2.0.0.10 & SeaMonkey <1.1.7 - CSRF
CVE-2007-6086
VigileCMS 1.4 - Path Traversal via Module Parameter
CVE-2007-6079
bcoos 1.0.10 - Path Traversal and Arbitrary File Execution via xoopsOption[pagetype] Parameter
CVE-2007-4683
Apple Mac OS X <10.4.11 - Path Traversal
CVE-2007-5956
IBM Informix Dynamic Server <10.00.xC7 - Path Traversal
CVE-2007-5915
phphelpdesk <0.6.16 - Path Traversal
CVE-2007-5920
PicoFlat CMS <0.4.18 - Path Traversal
CVE-2007-5927
HIGH
OpenBase < 10.0.5 - Authenticated Path Traversal via GlobalLog Stored Procedure
CVSS 8.1
CVE-2007-5844
GuppY 4.6.3 - Path Traversal and Remote File Inclusion via selskin Parameter
CVE-2007-3874
Altiris Deployment Solution < 6.8.380.0 - Path Traversal via PXE Server TFTP/MFTP Daemon
CVE-2007-5820
Ax Developer CMS 0.1.1 - Remote File Inclusion via Module Parameter Path Traversal
CVE-2007-5821
DM Guestbook <0.4.1 - Path Traversal
Details
Vulnerabilities
9,303
Exploit Likelihood
High