CWE-22
High likelihoodImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
9,303 vulnerabilities with CWE-22
CVE-2007-5823
Ben Ng Scribe <0.2 - Path Traversal
CVE-2007-5826
EDraw Flowchart ActiveX <2.0.2005.1104 - Path Traversal
CVE-2007-5831
SSL-Explorer <0.2.14 - Path Traversal
CVE-2007-5815
SonicWall SSL-VPN <2.1-2.5 - Path Traversal
CVE-2007-5811
phpMyConferences <8.0.2 - Path Traversal
CVE-2007-5812
ModuleBuilder 1.0 - Path Traversal via File Parameter
CVE-2007-5813
ISPworker 1.21 - Path Traversal via TicketID or Filename Parameter
CVE-2007-5802
Firewolf Technologies Synergiser <1.2 RC1 - Path Traversal
CVE-2007-4829
Archive::Tar < 1.36 - Path Traversal via TAR Archive Filename
CVE-2007-5776
i-Gallery 3.4 - Path Traversal via Encoded Backslash Sequences in d Parameter
CVE-2007-5782
FireConfig 0.5 - Unauthenticated Path Traversal via dl.php file Parameter
CVE-2007-5731
Apache Jakarta Slide <= 2.1 - Authenticated Path Traversal via WebDAV Write Request
CVE-2007-5732
eLouai Force Download - Path Traversal via File Parameter
CVE-2007-5739
Korean GHBoard - Path Traversal via FlashUpload Download Name Parameter
CVE-2007-5706
Jeebles Directory 2.9.60 - Path Traversal via Download.php Query String
CVE-2007-5694
SiteBar 3.3.8 - Authenticated Path Traversal via Translation Module Dir Parameter
CVE-2007-5685
shttp < 0.0.4 - Path Traversal via Safe Path Function
CVE-2007-5684
TikiWiki < 1.9.8.1 - Remote File Inclusion and Execution via Path Traversal
CVE-2007-5674
InstaGuide Weather 1.0 - Path Traversal via PageName Parameter
CVE-2007-5642
PHP Project Management < 0.8.10 - Path Traversal via Multiple Module Parameters
CVE-2007-5650
ReloadCMS 1.2.7 - Path Traversal via Module Parameter
CVE-2007-5620
ZZ:FlashChat < 3.1 - Path Traversal via Help File Parameter
CVE-2007-5491
SiteBar 3.3.8 - Authenticated Path Traversal via Translation Module Lang Parameter
CVE-2007-5489
Artmedic CMS <= 3.4 - Path Traversal via Page Parameter
CVE-2007-5484
WWWISIS 7.1 - Path Traversal via IsisScript Parameter
Details
Vulnerabilities
9,303
Exploit Likelihood
High