Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-28 | CVE-2018-20566 | Path Traversal vulnerability in Douco Douphp 1.5 An issue was discovered in DouCo DouPHP 1.5 20181221. | 5.3 |
| 2018-12-25 | CVE-2018-20463 | Path Traversal vulnerability in Jsmol2Wp Project Jsmol2Wp 1.07 An issue was discovered in the JSmol2WP plugin 1.07 for WordPress. | 7.5 |
| 2018-12-25 | CVE-2018-20437 | Path Traversal vulnerability in Mrbird Febs-Shiro An issue was discovered in the fileDownload function in the CommonController class in FEBS-Shiro before 2018-11-05. | 7.5 |
| 2018-12-24 | CVE-2018-7835 | Path Traversal vulnerability in Schneider-Electric Iiot Monior 3.1.38 An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in IIoT Monitor 3.1.38 which could allow access to files available to SYSTEM user. | 7.5 |
| 2018-12-21 | CVE-2018-20332 | Path Traversal vulnerability in Openwebif Project Openwebif An issue has been discovered in the OpenWebif plugin through 1.2.4 for Enigma2 based devices. | 7.5 |
| 2018-12-20 | CVE-2018-1000882 | Path Traversal vulnerability in Webidsupport Webid WeBid version up to current version 1.2.2 contains a Directory Traversal vulnerability in getthumb.php that can result in Arbitrary Image File Read. | 7.5 |
| 2018-12-20 | CVE-2018-1000857 | Path Traversal vulnerability in Open-Systems Log-User-Session log-user-session version 0.7 and earlier contains a Directory Traversal vulnerability in Main SUID-binary /usr/local/bin/log-user-session that can result in User to root privilege escalation. | 8.8 |
| 2018-12-20 | CVE-2018-1000850 | Path Traversal vulnerability in Squareup Retrofit Square Retrofit version versions from (including) 2.0 and 2.5.0 (excluding) contains a Directory Traversal vulnerability in RequestBuilder class, method addPathParameter that can result in By manipulating the URL an attacker could add or delete resources otherwise unavailable to her.. | 7.5 |
| 2018-12-20 | CVE-2018-1000817 | Path Traversal vulnerability in Asset Pipeline Project Asset-Pipeline Asset Pipeline Grails Plugin Asset-pipeline plugin version Prior to 2.14.1.1, 2.15.1 and 3.0.6 contains a Incorrect Access Control vulnerability in Applications deployed in Jetty that can result in Download .class files and any arbitrary file. | 7.5 |
| 2018-12-20 | CVE-2018-20303 | Path Traversal vulnerability in Gogs In pkg/tool/path.go in Gogs before 0.11.82.1218, a directory traversal in the file-upload functionality can allow an attacker to create a file under data/sessions on the server, a similar issue to CVE-2018-18925. | 7.5 |