Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-59

CWE-59

Medium likelihood

Improper Link Resolution Before File Access ('Link Following')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

1,527 vulnerabilities with CWE-59

Firewall Builder <3.0.7 - Privilege Escalation

VideoCache 1.9.2 - Local Privilege Escalation

GNU coreutils <8.1 - Privilege Escalation

GForge 4.5.14, 4.7 rc2, and 4.8.2 - Arbitrary File Overwrite via Symlink Attack on Authorized Keys

Merkaartor 0.14 - Local Info Disclosure

MySQL 5.1.x <5.1.41 - Privilege Escalation

SUSE Linux and openSUSE - Arbitrary File Write via Symlink Attack on Temporary File

Postfix 2.5.5 - Arbitrary File Write via Symlink Attack in postfix.postinst Script

Adobe AIR < 1.5.2 - Clickjacking via Link Selection or Dialog Completion

Red Hat dhcpd <3.0.1 - Local Privilege Escalation

xfig - Arbitrary File Read and Write via Symlink Attack on Temporary Files

Coccinelle 0.1.7 - Arbitrary File Overwrite via Symlink Attack

DirectAdmin < 1.33.4 - Unauthenticated Arbitrary File Write via Symlink Attack on Backup Temporary File

James Stone Tunapie 2.1 - Arbitrary File Overwrite via Symlink Attack

Sun xVM VirtualBox 2.0.0-2.1.4 - Privilege Escalation via Hardlink Attack

Rockwell Automation ControlLogix 1756-ENBT/A - Open Redirect

Mozilla Firefox <3.0.6 & SeaMonkey - XSS

SBLIM sblim-sfcb 1.3.2 - Local Privilege Escalation

Autonomy Ultraseek - Open Redirect via cs.html url Parameter

Apple Safari 3.2.1 - Denial of Service via Malformed HTTP URI Authority

winetricks <20081223 - Local Privilege Escalation

CUPS - Arbitrary File Overwrite via Symlink Attack on Temporary File

CVE-2008-7273 HIGH

Iceweasel-firegpg <0.6 - Info Disclosure

MySQL <6.0.9-alpha - Privilege Escalation

WordPress - Open Redirect via Upgrade Backto Parameter

Previous Page 51 of 62 Next

Details

Vulnerabilities 1,527

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy