Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-19 | CVE-2018-12560 | Path Traversal vulnerability in Cantata Project Cantata An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. | 6.5 |
| 2018-06-19 | CVE-2018-12559 | Path Traversal vulnerability in Cantata Project Cantata An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. | 8.8 |
| 2018-06-18 | CVE-2018-12530 | Path Traversal vulnerability in Metinfo 6.0.0 An issue was discovered in MetInfo 6.0.0. | 6.5 |
| 2018-06-16 | CVE-2018-5755 | Path Traversal vulnerability in Open-Xchange Appsuite Absolute path traversal vulnerability in the readerengine component in Open-Xchange OX App Suite before 7.6.3-rev3, 7.8.x before 7.8.2-rev4, 7.8.3 before 7.8.3-rev5, and 7.8.4 before 7.8.4-rev4 allows remote attackers to read arbitrary files via a full pathname in a formula in a spreadsheet. | 5.5 |
| 2018-06-15 | CVE-2018-12494 | Path Traversal vulnerability in Publiccms 4.0.20180210 An issue was discovered in PublicCMS V4.0.20180210. | 6.5 |
| 2018-06-15 | CVE-2018-12493 | Path Traversal vulnerability in Publiccms 4.0.20180210 An issue was discovered in PublicCMS V4.0.20180210. | 6.5 |
| 2018-06-14 | CVE-2017-17309 | Path Traversal vulnerability in Huawei Hg255S-10 Firmware V100R001C163B025Sp02 Huawei HG255s-10 V100R001C163B025SP02 has a path traversal vulnerability due to insufficient validation of the received HTTP requests, a remote attacker may access the local files on the device without authentication. | 7.5 |
| 2018-06-12 | CVE-2018-0496 | Path Traversal vulnerability in multiple products Directory traversal issues in the D-Mod extractor in DFArc and DFArc2 (as well as in RTsoft's Dink Smallwood HD / ProtonSDK version) before 3.14 allow an attacker to overwrite arbitrary files on the user's system. | 7.5 |
| 2018-06-11 | CVE-2017-5381 | Path Traversal vulnerability in Mozilla Firefox The "export" function in the Certificate Viewer can force local filesystem navigation when the "common name" in a certificate contains slashes, allowing certificate content to be saved in unsafe locations with an arbitrary filename. | 7.5 |
| 2018-06-08 | CVE-2018-12054 | Path Traversal vulnerability in Schools Alert Management Script Project Schools Alert Management Script Arbitrary File Read exists in PHP Scripts Mall Schools Alert Management Script via the f parameter in img.php, aka absolute path traversal. | 7.5 |