Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-24 | CVE-2018-15750 | Path Traversal vulnerability in Saltstack Salt Directory Traversal vulnerability in salt-api in SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allows remote attackers to determine which files exist on the server. | 5.3 |
| 2018-10-23 | CVE-2018-7431 | Path Traversal vulnerability in Splunk Directory traversal vulnerability in the Splunk Django App in Splunk Enterprise 6.0.x before 6.0.14, 6.1.x before 6.1.13, 6.2.x before 6.2.14, 6.3.x before 6.3.10, 6.4.x before 6.4.6, and 6.5.x before 6.5.3; and Splunk Light before 6.6.0 allows remote authenticated users to read arbitrary files via unspecified vectors. | 6.5 |
| 2018-10-23 | CVE-2018-17444 | Path Traversal vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan A Directory Traversal issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4. | 7.5 |
| 2018-10-23 | CVE-2018-14806 | Path Traversal vulnerability in Advantech Webaccess Advantech WebAccess 8.3.1 and earlier has a path traversal vulnerability which may allow an attacker to execute arbitrary code. | 9.8 |
| 2018-10-23 | CVE-2018-18586 | Path Traversal vulnerability in Kyzer Libmspack chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. | 5.3 |
| 2018-10-18 | CVE-2018-18485 | Path Traversal vulnerability in PHPshe 1.7 An issue was discovered in PHPSHE 1.7. | 7.5 |
| 2018-10-18 | CVE-2015-4632 | Path Traversal vulnerability in Koha Multiple directory traversal vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the template_path parameter to (1) svc/virtualshelves/search or (2) svc/members/search. | 7.5 |
| 2018-10-17 | CVE-2018-0420 | Path Traversal vulnerability in Cisco Wireless LAN Controller Software 8.2(151.0) A vulnerability in the web-based interface of Cisco Wireless LAN Controller Software could allow an authenticated, remote attacker to view sensitive information. | 6.5 |
| 2018-10-17 | CVE-2018-10822 | Path Traversal vulnerability in Dlink products Directory traversal vulnerability in the web interface on D-Link DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices allows remote attackers to read arbitrary files via a /.. | 7.5 |
| 2018-10-17 | CVE-2018-18434 | Path Traversal vulnerability in Litemall Project Litemall 0.9.0 An issue was discovered in litemall 0.9.0. | 7.5 |