Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-11 | CVE-2018-16836 | Path Traversal vulnerability in Rubedo Project Rubedo Rubedo through 3.4.0 contains a Directory Traversal vulnerability in the theme component, allowing unauthenticated attackers to read and execute arbitrary files outside of the service root path, as demonstrated by a /theme/default/img/%2e%2e/..//etc/passwd URI. | 9.8 |
| 2018-09-11 | CVE-2018-16831 | Path Traversal vulnerability in Smarty Smarty before 3.1.33-dev-4 allows attackers to bypass the trusted_dir protection mechanism via a file:./../ substring in an include statement. | 5.9 |
| 2018-09-10 | CVE-2018-16774 | Path Traversal vulnerability in Hongcms Project Hongcms 3.0.0 HongCMS 3.0.0 allows arbitrary file deletion via a ../ in the file parameter to admin/index.php/language/ajax?action=delete. | 7.5 |
| 2018-09-07 | CVE-2018-16059 | Path Traversal vulnerability in Endress Wirelesshart Fieldgate Swg70 Firmware 3.00.07 Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices allow Directory Traversal via the fcgi-bin/wgsetcgi filename parameter. | 5.3 |
| 2018-09-07 | CVE-2018-0660 | Path Traversal vulnerability in Hibara Attachecase Directory traversal vulnerability in ver.2.8.4.0 and earlier and ver.3.3.0.0 and earlier allows an attacker to create arbitrary files via specially crafted ATC file. | 3.3 |
| 2018-09-07 | CVE-2018-0659 | Path Traversal vulnerability in Hibara Attachecase Directory traversal vulnerability in ver.2.8.4.0 and earlier and ver.3.3.0.0 and earlier allows an attacker to create or overwrite existing files via specially crafted ATC file. | 5.5 |
| 2018-09-06 | CVE-2018-1000801 | Path Traversal vulnerability in multiple products okular version 18.08 and earlier contains a Directory Traversal vulnerability in function "unpackDocumentArchive(...)" in "core/document.cpp" that can result in Arbitrary file creation on the user workstation. | 5.5 |
| 2018-09-06 | CVE-2018-1000659 | Path Traversal vulnerability in Limesurvey LimeSurvey version 3.14.4 and earlier contains a directory traversal in file upload that allows upload of webshell vulnerability in file upload functionality that can result in remote code execution as authenticated user. | 8.8 |
| 2018-09-05 | CVE-2018-16549 | Path Traversal vulnerability in PHP File Browser Script Project PHP File Browser Script 1.0 HScripts PHP File Browser Script v1.0 allows Directory Traversal via the index.php path parameter. | 5.3 |
| 2018-09-05 | CVE-2018-16437 | Path Traversal vulnerability in Gxlcms 2.0 Gxlcms 2.0 before bug fix 20180915 has Directory Traversal exploitable by an administrator. | 4.9 |