Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-01 | CVE-2018-3949 | Path Traversal vulnerability in Tp-Link Tl-R600Vpn Firmware 1.2.3/1.3.0 An exploitable information disclosure vulnerability exists in the HTTP server functionality of the TP-Link TL-R600VPN. | 7.5 |
| 2018-11-30 | CVE-2018-7807 | Path Traversal vulnerability in Schneider-Electric Struxureware Data Center Expert Data Center Expert, versions 7.5.0 and earlier, allows for the upload of a zip file from its user interface to the server. | 8.8 |
| 2018-11-30 | CVE-2018-7806 | Path Traversal vulnerability in Schneider-Electric Struxureware Data Center Operation Data Center Operation allows for the upload of a zip file from its user interface to the server. | 8.8 |
| 2018-11-29 | CVE-2018-19748 | Path Traversal vulnerability in Sdcms 1.6 app/plug/attachment/controller/admincontroller.php in SDCMS 1.6 allows reading arbitrary files via a /?m=plug&c=admin&a=index&p=attachment&root= directory traversal. | 7.5 |
| 2018-11-29 | CVE-2018-19666 | Path Traversal vulnerability in multiple products The agent in OSSEC through 3.1.0 on Windows allows local users to gain NT AUTHORITY\SYSTEM access via Directory Traversal by leveraging full access to the associated OSSEC server. | 7.8 |
| 2018-11-27 | CVE-2018-13332 | Path Traversal vulnerability in Terra-Master Terramaster Operating System 3.1.03 Directory Traversal in the explorer application in TerraMaster TOS version 3.1.03 allows attackers to upload files to arbitrary locations via the "path" URL parameter. | 7.5 |
| 2018-11-27 | CVE-2018-17934 | Path Traversal vulnerability in Nuuo CMS NUUO CMS All versions 3.3 and prior the application allows external input to construct a pathname that is able to be resolved outside the intended directory. | 9.8 |
| 2018-11-26 | CVE-2018-13322 | Path Traversal vulnerability in Buffalo Ts5600D1206 Firmware 3.610.10 Directory traversal in list_folders method in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to list directory contents via the "path" parameter. | 6.5 |
| 2018-11-17 | CVE-2018-19329 | Path Traversal vulnerability in Greencms 2.3.0603 GreenCMS v2.3.0603 allows remote authenticated administrators to delete arbitrary files by modifying a base64-encoded pathname in an m=admin&c=media&a=delfilehandle&id= call, related to the m=admin&c=media&a=restorefile delete button. | 4.9 |
| 2018-11-17 | CVE-2018-19328 | Path Traversal vulnerability in Laobancms 2.0 LAOBANCMS 2.0 allows install/mysql_hy.php?riqi=../ Directory Traversal. | 9.8 |