Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-25 | CVE-2018-1002202 | Path Traversal vulnerability in Zip4J Project Zip4J zip4j before 1.3.3 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. | 6.5 |
| 2018-07-25 | CVE-2018-1002201 | Path Traversal vulnerability in Jrebel Zt-Zip zt-zip before 1.13 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. | 5.5 |
| 2018-07-25 | CVE-2018-1002200 | Path Traversal vulnerability in multiple products plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. | 5.5 |
| 2018-07-24 | CVE-2017-3188 | Path Traversal vulnerability in Dotcms The dotCMS administration panel, versions 3.7.1 and earlier, "Push Publishing" feature in Enterprise Pro is vulnerable to path traversal. | 6.5 |
| 2018-07-23 | CVE-2018-14573 | Path Traversal vulnerability in Trms Tightrope Media Carousel Digital Signage A Local File Inclusion (LFI) vulnerability exists in the Web Interface API of TightRope Media Carousel Digital Signage before 7.3.5. | 5.5 |
| 2018-07-23 | CVE-2018-1999020 | Path Traversal vulnerability in Opennetworking Onos Open Networking Foundation (ONF) ONOS version 1.13.2 and earlier version contains a Directory Traversal vulnerability in core/common/src/main/java/org/onosproject/common/app/ApplicationArchive.java line 35 that can result in arbitrary file deletion (overwrite). | 5.5 |
| 2018-07-23 | CVE-2018-6677 | Path Traversal vulnerability in Mcafee web Gateway 7.8.1.0 Directory Traversal vulnerability in the administrative user interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to gain elevated privileges via unspecified vectors. | 9.1 |
| 2018-07-20 | CVE-2018-3770 | Path Traversal vulnerability in Markdown-Pdf Project Markdown-Pdf A path traversal exists in markdown-pdf version <9.0.0 that allows a user to insert a malicious html code that can result in reading the local files. | 5.5 |
| 2018-07-18 | CVE-2018-14364 | Path Traversal vulnerability in Gitlab GitLab Community and Enterprise Edition before 10.7.7, 10.8.x before 10.8.6, and 11.x before 11.0.4 allows Directory Traversal with write access and resultant remote code execution via the GitLab projects import component. | 9.8 |
| 2018-07-18 | CVE-2018-14371 | Path Traversal vulnerability in Eclipse Mojarra The getLocalePrefix function in ResourceManager.java in Eclipse Mojarra before 2.3.7 is affected by Directory Traversal via the loc parameter. | 7.5 |