Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-30 | CVE-2018-20610 | Path Traversal vulnerability in Txjia Imcat 4.4 imcat 4.4 allows directory traversal via the root/run/adm.php efile parameter. | 4.9 |
| 2018-12-30 | CVE-2018-20604 | Path Traversal vulnerability in Lfdycms LEI Feng TV CMS 3.8.6 Lei Feng TV CMS (aka LFCMS) 3.8.6 allows Directory Traversal via crafted use of ..* in Template/edit/path URIs, as demonstrated by the admin.php?s=/Template/edit/path/*web*..*..*..*..*1.txt.html URI to read the 1.txt file. | 4.9 |
| 2018-12-28 | CVE-2018-20566 | Path Traversal vulnerability in Douco Douphp 1.5 An issue was discovered in DouCo DouPHP 1.5 20181221. | 5.3 |
| 2018-12-25 | CVE-2018-20463 | Path Traversal vulnerability in Jsmol2Wp Project Jsmol2Wp 1.07 An issue was discovered in the JSmol2WP plugin 1.07 for WordPress. | 7.5 |
| 2018-12-25 | CVE-2018-20437 | Path Traversal vulnerability in Mrbird Febs-Shiro An issue was discovered in the fileDownload function in the CommonController class in FEBS-Shiro before 2018-11-05. | 7.5 |
| 2018-12-24 | CVE-2018-7835 | Path Traversal vulnerability in Schneider-Electric Iiot Monior 3.1.38 An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in IIoT Monitor 3.1.38 which could allow access to files available to SYSTEM user. | 7.5 |
| 2018-12-21 | CVE-2018-20332 | Path Traversal vulnerability in Openwebif Project Openwebif An issue has been discovered in the OpenWebif plugin through 1.2.4 for Enigma2 based devices. | 7.5 |
| 2018-12-20 | CVE-2018-1000882 | Path Traversal vulnerability in Webidsupport Webid WeBid version up to current version 1.2.2 contains a Directory Traversal vulnerability in getthumb.php that can result in Arbitrary Image File Read. | 7.5 |
| 2018-12-20 | CVE-2018-1000857 | Path Traversal vulnerability in Open-Systems Log-User-Session log-user-session version 0.7 and earlier contains a Directory Traversal vulnerability in Main SUID-binary /usr/local/bin/log-user-session that can result in User to root privilege escalation. | 8.8 |
| 2018-12-20 | CVE-2018-1000850 | Path Traversal vulnerability in Squareup Retrofit Square Retrofit version versions from (including) 2.0 and 2.5.0 (excluding) contains a Directory Traversal vulnerability in RequestBuilder class, method addPathParameter that can result in By manipulating the URL an attacker could add or delete resources otherwise unavailable to her.. | 7.5 |