Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-15 | CVE-2018-1744 | Path Traversal vulnerability in IBM Security KEY Lifecycle Manager IBM Security Key Lifecycle Manager 2.5, 2.6, 2.7, and 3.0 could allow a remote attacker to traverse directories on the system. | 6.5 |
| 2018-10-15 | CVE-2018-18323 | Path Traversal vulnerability in Control-Webpanel Webpanel 0.9.8.480 CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Local File Inclusion via directory traversal with an admin/index.php?module=file_editor&file=/../ URI. | 7.5 |
| 2018-10-12 | CVE-2018-1770 | Path Traversal vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. | 6.5 |
| 2018-10-11 | CVE-2018-18257 | Path Traversal vulnerability in Bagesoft Bagecms 3.1.3 An issue was discovered in BageCMS 3.1.3. | 7.5 |
| 2018-10-10 | CVE-2018-12542 | Path Traversal vulnerability in Eclipse Vert.X In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the StaticHandler uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '\' (forward slashes) sequences that can resolve to a location that is outside of that directory when running on Windows Operating Systems. | 9.8 |
| 2018-10-10 | CVE-2018-8495 | Path Traversal vulnerability in Microsoft Windows 10 and Windows Server 2016 A remote code execution vulnerability exists when Windows Shell improperly handles URIs, aka "Windows Shell Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. | 7.5 |
| 2018-10-05 | CVE-2018-0405 | Path Traversal vulnerability in Cisco Rv180W Firmware and Rv220W Firmware A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to conduct a directory path traversal attack on a targeted device. | 7.5 |
| 2018-10-05 | CVE-2018-0464 | Path Traversal vulnerability in Cisco Prime Data Center Network Manager A vulnerability in Cisco Data Center Network Manager software could allow an authenticated, remote attacker to conduct directory traversal attacks and gain access to sensitive files on the targeted system. | 8.1 |
| 2018-10-05 | CVE-2018-0426 | Path Traversal vulnerability in Cisco Rv110W Firmware, Rv130W Firmware and Rv215W Firmware A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to gain access to sensitive information. | 9.8 |
| 2018-10-05 | CVE-2018-1649 | Path Traversal vulnerability in IBM Qradar Incident Forensics IBM QRadar Incident Forensics 7.2 and 7.3 could allow a remote attacker to traverse directories on the system. | 6.5 |