Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-17 | CVE-2018-14363 | Path Traversal vulnerability in multiple products An issue was discovered in NeoMutt before 2018-07-16. | 7.5 |
| 2018-07-17 | CVE-2018-14355 | Path Traversal vulnerability in multiple products An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. | 5.3 |
| 2018-07-17 | CVE-2018-13864 | Path Traversal vulnerability in Lightbend Play Framework A directory traversal vulnerability has been found in the Assets controller in Play Framework 2.6.12 through 2.6.15 (fixed in 2.6.16) when running on Windows. | 7.5 |
| 2018-07-16 | CVE-2018-13980 | Path Traversal vulnerability in Zeta-Producer Zeta Producer The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated file disclosure if the plugin "filebrowser" is installed, because of assets/php/filebrowser/filebrowser.main.php?file=../ directory traversal. | 5.5 |
| 2018-07-15 | CVE-2018-14064 | Path Traversal vulnerability in Velotismart Project Velotismart Wifi Firmware B380 The uc-http service 1.0.0 on VelotiSmart WiFi B-380 camera devices allows Directory Traversal, as demonstrated by /../../etc/passwd on TCP port 80. | 9.8 |
| 2018-07-15 | CVE-2018-14056 | Path Traversal vulnerability in multiple products ZNC before 1.7.1-rc1 is prone to a path traversal flaw via ../ in a web skin name to access files outside of the intended skins directories. | 5.3 |
| 2018-07-13 | CVE-2016-9484 | Path Traversal vulnerability in Jqueryform PHP Formmail Generator The generated PHP form code does not properly validate user input folder directories, allowing a remote unauthenticated attacker to perform a path traversal and access arbitrary files on the server. | 7.5 |
| 2018-07-13 | CVE-2018-1000208 | Path Traversal vulnerability in Modx Revolution MODX Revolution version <=2.6.4 contains a Directory Traversal vulnerability in /core/model/modx/modmanagerrequest.class.php that can result in remove files. | 7.5 |
| 2018-07-13 | CVE-2018-14036 | Path Traversal vulnerability in Freedesktop Accountsservice Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c. | 6.5 |
| 2018-07-10 | CVE-2016-10726 | Path Traversal vulnerability in Duraspace Dspace The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before 5.5 allows directory traversal via the themes/ path in an attack with two or more arbitrary characters and a colon before a pathname, as demonstrated by a themes/Reference/aa:etc/passwd URI. | 7.5 |