Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-21 | CVE-2018-20332 | Path Traversal vulnerability in Openwebif Project Openwebif An issue has been discovered in the OpenWebif plugin through 1.2.4 for Enigma2 based devices. | 7.5 |
| 2018-12-20 | CVE-2018-1000882 | Path Traversal vulnerability in Webidsupport Webid WeBid version up to current version 1.2.2 contains a Directory Traversal vulnerability in getthumb.php that can result in Arbitrary Image File Read. | 7.5 |
| 2018-12-20 | CVE-2018-1000857 | Path Traversal vulnerability in Open-Systems Log-User-Session log-user-session version 0.7 and earlier contains a Directory Traversal vulnerability in Main SUID-binary /usr/local/bin/log-user-session that can result in User to root privilege escalation. | 8.8 |
| 2018-12-20 | CVE-2018-1000850 | Path Traversal vulnerability in Squareup Retrofit Square Retrofit version versions from (including) 2.0 and 2.5.0 (excluding) contains a Directory Traversal vulnerability in RequestBuilder class, method addPathParameter that can result in By manipulating the URL an attacker could add or delete resources otherwise unavailable to her.. | 7.5 |
| 2018-12-20 | CVE-2018-1000817 | Path Traversal vulnerability in Asset Pipeline Project Asset-Pipeline Asset Pipeline Grails Plugin Asset-pipeline plugin version Prior to 2.14.1.1, 2.15.1 and 3.0.6 contains a Incorrect Access Control vulnerability in Applications deployed in Jetty that can result in Download .class files and any arbitrary file. | 7.5 |
| 2018-12-20 | CVE-2018-20303 | Path Traversal vulnerability in Gogs In pkg/tool/path.go in Gogs before 0.11.82.1218, a directory traversal in the file-upload functionality can allow an attacker to create a file under data/sessions on the server, a similar issue to CVE-2018-18925. | 7.5 |
| 2018-12-19 | CVE-2018-20227 | Path Traversal vulnerability in Eclipse Rdf4J RDF4J 2.4.2 allows Directory Traversal via ../ in an entry in a ZIP archive. | 7.5 |
| 2018-12-17 | CVE-2018-20092 | Path Traversal vulnerability in PTC Thingworx Platform PTC ThingWorx Platform through 8.3.0 is vulnerable to a directory traversal attack on ZIP files via a POST request. | 7.5 |
| 2018-12-17 | CVE-2017-18354 | Path Traversal vulnerability in Google Rendertron 1.0.0 Rendertron 1.0.0 allows for alternative protocols such as 'file://' introducing a Local File Inclusion (LFI) bug where arbitrary files can be read by a remote attacker. | 7.5 |
| 2018-12-14 | CVE-2018-19003 | Path Traversal vulnerability in GE products GE Mark VIe, EX2100e, EX2100e_Reg, and LS2100e Versions 03.03.28C to 05.02.04C, EX2100e All versions prior to v04.09.00C, EX2100e_Reg All versions prior to v04.09.00C, and LS2100e All versions prior to v04.09.00C The affected versions of the application have a path traversal vulnerability that fails to restrict the ability of an attacker to gain access to restricted information. | 7.5 |