Total
8266 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-19856 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
GitLab CE/EE before 11.3.12, 11.4.x before 11.4.10, and 11.5.x before 11.5.3 allows Directory Traversal in Templates API.
|
|||||
| CVE-2018-19753 | 1 Oracle | 1 Tarantella Enterprise | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Tarantella Enterprise before 3.11 allows Directory Traversal.
|
|||||
| CVE-2018-19748 | 1 Sdcms | 1 Sdcms | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
app/plug/attachment/controller/admincontroller.php in SDCMS 1.6 allows reading arbitrary files via a /?m=plug&c=admin&a=index&p=attachment&root= directory traversal. The value of the root parameter must be base64 encoded (note that base64 encoding, instead of URL encoding, is very rare in a directory traversal attack vector).
|
|||||
| CVE-2018-19666 | 3 Microsoft, Ossec, Wazuh | 3 Windows, Ossec, Wazuh | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
The agent in OSSEC through 3.1.0 on Windows allows local users to gain NT AUTHORITY\SYSTEM access via Directory Traversal by leveraging full access to the associated OSSEC server.
|
|||||
| CVE-2018-19586 | 1 Silverpeas | 1 Silverpeas | 2024-11-21 | 9.0 HIGH | 9.9 CRITICAL |
|
Silverpeas 5.15 through 6.0.2 is affected by an authenticated Directory Traversal vulnerability that can be triggered during file uploads because core/webapi/upload/FileUploadData.java mishandles a StringUtil.java call. This vulnerability enables regular users to write arbitrary files on the underlying system with privileges of the user running the application. Especially, an attacker may leverage the vulnerability to write an executable JSP file in an exposed web directory to execute commands o ...
Show More |
|||||
| CVE-2018-19512 | 1 Ens | 1 Webgalamb | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
|
In Webgalamb through 7.0, a system/ajax.php "wgmfile restore" directory traversal vulnerability could lead to arbitrary code execution by authenticated administrator users, because PHP files are restored under the document root directory.
|
|||||
| CVE-2018-19365 | 1 Wowza | 1 Streaming Engine | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
The REST API in Wowza Streaming Engine 4.7.4.01 allows traversal of the directory structure and retrieval of a file via a remote, specifically crafted HTTP request.
|
|||||
| CVE-2018-19329 | 1 Greencms | 1 Greencms | 2024-11-21 | 5.5 MEDIUM | 4.9 MEDIUM |
|
GreenCMS v2.3.0603 allows remote authenticated administrators to delete arbitrary files by modifying a base64-encoded pathname in an m=admin&c=media&a=delfilehandle&id= call, related to the m=admin&c=media&a=restorefile delete button.
|
|||||
| CVE-2018-19328 | 1 Laobancms | 1 Laobancms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
LAOBANCMS 2.0 allows install/mysql_hy.php?riqi=../ Directory Traversal.
|
|||||
| CVE-2018-19326 | 1 Zyxel | 2 Vmg1312-b10d, Vmg1312-b10d Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Zyxel VMG1312-B10D devices before 5.13(AAXA.8)C0 allow ../ Directory Traversal, as demonstrated by reading /etc/passwd.
|
|||||
| CVE-2018-19228 | 1 Laobancms | 1 Laobancms | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
|
An issue was discovered in LAOBANCMS 2.0. It allows arbitrary file deletion via ../ directory traversal in the admin/pic.php del parameter, as demonstrated by deleting install/install.txt to permit a reinstallation.
|
|||||
| CVE-2018-19197 | 1 Xiaocms | 1 Xiaocms | 2024-11-21 | 5.5 MEDIUM | 4.9 MEDIUM |
|
An issue was discovered in XiaoCms 20141229. admin\controller\database.php allows arbitrary directory deletion via admin/index.php?c=database&a=import&paths[]=../ directory traversal.
|
|||||
| CVE-2018-19181 | 1 Yunucms | 1 Yunucms | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
|
statics/ueditor/php/vendor/Local.class.php in YUNUCMS 1.1.5 allows arbitrary file deletion via the statics/ueditor/php/controller.php?action=remove key parameter, as demonstrated by using directory traversal to delete the install.lock file.
|
|||||
| CVE-2018-19124 | 2 Microsoft, Prestashop | 2 Windows, Prestashop | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 on Windows allows remote attackers to write to arbitrary image files.
|
|||||
| CVE-2018-19052 | 4 Debian, Lighttpd, Opensuse and 1 more | 5 Debian Linux, Lighttpd, Backports Sle and 2 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target filesystem path does have a trailing '/' character.
|
|||||
| CVE-2018-19043 | 1 Media File Manager Project | 1 Media File Manager | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
The Media File Manager plugin 1.4.2 for WordPress allows arbitrary file renaming (specifying a "from" and "to" filename) via a ../ directory traversal in the dir parameter of an mrelocator_rename action to the wp-admin/admin-ajax.php URI.
|
|||||
| CVE-2018-19042 | 1 Media File Manager Project | 1 Media File Manager | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
The Media File Manager plugin 1.4.2 for WordPress allows arbitrary file movement via a ../ directory traversal in the dir_from and dir_to parameters of an mrelocator_move action to the wp-admin/admin-ajax.php URI.
|
|||||
| CVE-2018-19040 | 1 Media File Manager Project | 1 Media File Manager | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
The Media File Manager plugin 1.4.2 for WordPress allows directory listing via a ../ directory traversal in the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI.
|
|||||
| CVE-2018-19003 | 1 Ge | 6 Ex2100e, Ex2100e Firmware, Ls2100e and 3 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
GE Mark VIe, EX2100e, EX2100e_Reg, and LS2100e Versions 03.03.28C to 05.02.04C, EX2100e All versions prior to v04.09.00C, EX2100e_Reg All versions prior to v04.09.00C, and LS2100e All versions prior to v04.09.00C The affected versions of the application have a path traversal vulnerability that fails to restrict the ability of an attacker to gain access to restricted information.
|
|||||
| CVE-2018-1999020 | 1 Opennetworking | 1 Onos | 2024-11-21 | 5.8 MEDIUM | 5.5 MEDIUM |
|
Open Networking Foundation (ONF) ONOS version 1.13.2 and earlier version contains a Directory Traversal vulnerability in core/common/src/main/java/org/onosproject/common/app/ApplicationArchive.java line 35 that can result in arbitrary file deletion (overwrite). This attack appear to be exploitable via a specially crafted zip file should be uploaded.
|
|||||
| CVE-2018-18990 | 1 Lcds | 1 Laquis Scada | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
LCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied path in file operations prior to proper validation. An attacker can leverage this vulnerability to disclose sensitive information under the context of the web server process.
|
|||||
| CVE-2018-18950 | 1 Kindeditor | 1 Kindeditor | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
KindEditor through 4.1.11 has a path traversal vulnerability in php/upload_json.php. Anyone can browse a file or directory in the kindeditor/attached/ folder via the path parameter without authentication.
|
|||||
| CVE-2018-18936 | 1 Popojicms | 1 Popojicms | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
|
An issue was discovered in PopojiCMS v2.0.1. admin_library.php allows remote attackers to delete arbitrary files via directory traversal in the po-admin/route.php?mod=library&act=delete id parameter.
|
|||||
| CVE-2018-18894 | 1 Lexmark | 98 6500e, 6500e Firmware, C748 and 95 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Certain older Lexmark devices (C, M, X, and 6500e before 2018-12-18) contain a directory traversal vulnerability in the embedded web server.
|
|||||
| CVE-2018-18890 | 1 1234n | 1 Minicms | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
MiniCMS 1.10 allows full path disclosure via /mc-admin/post.php?state=delete&delete= with an invalid filename.
|
|||||
| CVE-2018-18876 | 1 Columbiaweather | 2 Weather Microserver, Weather Microserver Firmware | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
In firmware version MS_2.6.9900 of Columbia Weather MicroServer, a readouts_rd.php directory traversal issue makes it possible to read any file present on the underlying operating system.
|
|||||
| CVE-2018-18869 | 1 Phome | 1 Empirecms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
EmpireCMS V7.5 allows remote attackers to upload and execute arbitrary code via ..%2F directory traversal in a .php filename in the upload/e/admin/ecmscom.php path parameter.
|
|||||
| CVE-2018-18863 | 1 Ngahr | 1 Resourcelink | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
NGA ResourceLink 20.0.2.1 allows local file inclusion.
|
|||||
| CVE-2018-18831 | 1 Mingsoft | 1 Mcms | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered in com\mingsoft\cms\action\GeneraterAction.java in MCMS 4.6.5. An attacker can write a .jsp file (in the position parameter) to an arbitrary directory via a ../ Directory Traversal in the url parameter.
|
|||||
| CVE-2018-18777 | 1 Microstrategy | 1 Microstrategy Web | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
Directory traversal vulnerability in Microstrategy Web, version 7, in "/WebMstr7/servlet/mstrWeb" (in the parameter subpage) allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web application. NOTE: this is a deprecated product.
|
|||||
| CVE-2018-18713 | 1 Phpyun | 1 Phpyun | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The function down_sql_action() in /admin/model/database.class.php in PHPYun 4.6 allows remote attackers to read arbitrary files via directory traversal in an m=database&c=down_sql&name=../ URI.
|
|||||
| CVE-2018-18703 | 1 Phptpoint | 1 Mailing Server Using File Handling | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
PhpTpoint Mailing Server Using File Handling 1.0 suffers from multiple Arbitrary File Read vulnerabilities in different sections that allow an attacker to read sensitive files on the system via directory traversal, bypassing the login page, as demonstrated by the Mailserver_filesystem/home.php coninb, consent, contrsh, condrft, or conspam parameter.
|
|||||
| CVE-2018-18593 | 1 Hp | 1 Ucmdb Configuration Manager | 2024-11-21 | 5.0 MEDIUM | 6.5 MEDIUM |
|
Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11. The vulnerabilities could allow Remote Directory Traversal and Remote Disclosure of Privileged Information
|
|||||
| CVE-2018-18586 | 1 Kyzer | 1 Libmspack | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. NOTE: the vendor disputes that this is a libmspack vulnerability, because chmextract.c was only intended as a source-code example, not a supported application
|
|||||
| CVE-2018-18576 | 1 Incsub | 1 Hustle | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
The Hustle (aka wordpress-popup) plugin through 6.0.5 for WordPress allows Directory Traversal to obtain a directory listing via the views/admin/dashboard/ URI.
|
|||||
| CVE-2018-18552 | 1 Serverscheck | 1 Monitoring Software | 2024-11-21 | 5.0 MEDIUM | 6.5 MEDIUM |
|
ServersCheck Monitoring Software through 14.3.3 allows local users to cause a denial of service (menu functionality loss) by creating an LNK file that points to a second LNK file, if this second LNK file is associated with a Start menu. Ultimately, this behavior comes from a Directory Traversal bug (via the sensor_details.html id parameter) that allows creating empty files in arbitrary directories.
|
|||||
| CVE-2018-18485 | 1 Phpshe | 1 Phpshe | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
|
An issue was discovered in PHPSHE 1.7. admin.php?mod=db&act=del allows remote attackers to delete arbitrary files via directory traversal sequences in the dbname parameter. This can be leveraged to reload the product by deleting install.lock.
|
|||||
| CVE-2018-18323 | 1 Control-webpanel | 1 Webpanel | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Local File Inclusion via directory traversal with an admin/index.php?module=file_editor&file=/../ URI.
|
|||||
| CVE-2018-18257 | 1 Bagesoft | 1 Bagecms | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
|
An issue was discovered in BageCMS 3.1.3. An attacker can delete any files and folders on the web server via an index.php?r=admini/template/batch&command=deleteFile&fileName= or index.php?r=admini/template/batch&command=deleteFolder&folderName=../ directory traversal URI.
|
|||||
| CVE-2018-17934 | 1 Nuuo | 1 Nuuo Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
NUUO CMS All versions 3.3 and prior the application allows external input to construct a pathname that is able to be resolved outside the intended directory. This could allow an attacker to impersonate a legitimate user, obtain restricted information, or execute arbitrary code.
|
|||||