Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2018-07-26 CVE-2018-0617 Path Traversal vulnerability in Chama Memocgi
Directory traversal vulnerability in ChamaNet MemoCGI v2.1800 to v2.2200 allows remote attackers to read arbitrary files via unspecified vectors.
network
low complexity
chama CWE-22
7.5
7.5
2018-07-25 CVE-2018-1002209 Path Traversal vulnerability in Quazip Project Quazip
QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction.
local
low complexity
quazip-project CWE-22
5.5
5.5
2018-07-25 CVE-2018-1002208 Path Traversal vulnerability in Sharpziplib Project Sharpziplib
SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction.
local
low complexity
sharpziplib-project CWE-22
5.5
5.5
2018-07-25 CVE-2018-1002207 Path Traversal vulnerability in Archiver Project Archiver
mholt/archiver golang package before e4ef56d48eb029648b0e895bb0b6a393ef0829c3 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction.
local
low complexity
archiver-project CWE-22
5.5
5.5
2018-07-25 CVE-2018-1002206 Path Traversal vulnerability in Sharpcompress Project Sharpcompress
SharpCompress before 0.21.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction.
local
low complexity
sharpcompress-project CWE-22
5.5
5.5
2018-07-25 CVE-2018-1002205 Path Traversal vulnerability in Dotnetzip.Semverd Project Dotnetzip.Semverd
DotNetZip.Semvered before 1.11.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction.
local
low complexity
dotnetzip-semverd-project CWE-22
5.5
5.5
2018-07-25 CVE-2018-1002204 Path Traversal vulnerability in Adm-Zip Project Adm-Zip
adm-zip npm library before 0.4.9 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction.
local
low complexity
adm-zip-project CWE-22
5.5
5.5
2018-07-25 CVE-2018-1002203 Path Traversal vulnerability in Unzipper Project Unzipper
unzipper npm library before 0.8.13 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction.
local
low complexity
unzipper-project CWE-22
5.5
5.5
2018-07-25 CVE-2018-1002202 Path Traversal vulnerability in Zip4J Project Zip4J
zip4j before 1.3.3 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction.
network
low complexity
zip4j-project CWE-22
6.5
6.5
2018-07-25 CVE-2018-1002201 Path Traversal vulnerability in Jrebel Zt-Zip
zt-zip before 1.13 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction.
local
low complexity
jrebel CWE-22
5.5
5.5