CWE-22

High likelihood

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

9,303 vulnerabilities with CWE-22
CVE-2001-0780
Cosmicperl Directory Pro 2.0 - Path Traversal via SHOW Parameter
CVE-2001-0925
Apache HTTP Server - Directory Listing via Excessive Slash Characters
CVE-2001-0054
SolarWinds Serv-U File Server - Path Traversal via CD Command
Details
Vulnerabilities 9,303
Exploit Likelihood High