Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-10 | CVE-2018-16774 | Path Traversal vulnerability in Hongcms Project Hongcms 3.0.0 HongCMS 3.0.0 allows arbitrary file deletion via a ../ in the file parameter to admin/index.php/language/ajax?action=delete. | 7.5 |
| 2018-09-07 | CVE-2018-16059 | Path Traversal vulnerability in Endress Wirelesshart Fieldgate Swg70 Firmware 3.00.07 Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices allow Directory Traversal via the fcgi-bin/wgsetcgi filename parameter. | 5.3 |
| 2018-09-07 | CVE-2018-0660 | Path Traversal vulnerability in Hibara Attachecase Directory traversal vulnerability in ver.2.8.4.0 and earlier and ver.3.3.0.0 and earlier allows an attacker to create arbitrary files via specially crafted ATC file. | 3.3 |
| 2018-09-07 | CVE-2018-0659 | Path Traversal vulnerability in Hibara Attachecase Directory traversal vulnerability in ver.2.8.4.0 and earlier and ver.3.3.0.0 and earlier allows an attacker to create or overwrite existing files via specially crafted ATC file. | 5.5 |
| 2018-09-06 | CVE-2018-1000801 | Path Traversal vulnerability in multiple products okular version 18.08 and earlier contains a Directory Traversal vulnerability in function "unpackDocumentArchive(...)" in "core/document.cpp" that can result in Arbitrary file creation on the user workstation. | 5.5 |
| 2018-09-06 | CVE-2018-1000659 | Path Traversal vulnerability in Limesurvey LimeSurvey version 3.14.4 and earlier contains a directory traversal in file upload that allows upload of webshell vulnerability in file upload functionality that can result in remote code execution as authenticated user. | 8.8 |
| 2018-09-05 | CVE-2018-16549 | Path Traversal vulnerability in PHP File Browser Script Project PHP File Browser Script 1.0 HScripts PHP File Browser Script v1.0 allows Directory Traversal via the index.php path parameter. | 5.3 |
| 2018-09-05 | CVE-2018-16437 | Path Traversal vulnerability in Gxlcms 2.0 Gxlcms 2.0 before bug fix 20180915 has Directory Traversal exploitable by an administrator. | 4.9 |
| 2018-09-05 | CVE-2015-9266 | Path Traversal vulnerability in multiple products The web management interface of Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP (formerly TOUGHSwitch) allows an unauthenticated attacker to upload and write arbitrary files using directory traversal techniques. | 9.8 |
| 2018-09-05 | CVE-2018-16518 | Path Traversal vulnerability in Primx Zed! and Zed! Free A directory traversal vulnerability with remote code execution in Prim'X Zed! FREE through 1.0 build 186 and Zed! Limited Edition through 6.1 build 2208 allows creation of arbitrary files on a user's workstation using crafted ZED! containers because the watermark loading function can place an executable file into a Startup folder. | 9.8 |