Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-15 | CVE-2018-0673 | Path Traversal vulnerability in Cybozu Garoon Directory traversal vulnerability in Cybozu Garoon 3.5.0 to 4.6.3 allows authenticated attackers to read arbitrary files via unspecified vectors. | 8.1 |
| 2018-11-13 | CVE-2018-8009 | Path Traversal vulnerability in Apache Hadoop Apache Hadoop 3.1.0, 3.0.0-alpha to 3.0.2, 2.9.0 to 2.9.1, 2.8.0 to 2.8.4, 2.0.0-alpha to 2.7.6, 0.23.0 to 0.23.11 is exploitable via the zip slip vulnerability in places that accept a zip file. | 8.8 |
| 2018-11-12 | CVE-2018-19228 | Path Traversal vulnerability in Laobancms 2.0 An issue was discovered in LAOBANCMS 2.0. | 7.5 |
| 2018-11-12 | CVE-2018-1884 | Path Traversal vulnerability in IBM Case Manager IBM Case Manager 5.2.0.0, 5.2.0.4, 5.2.1.0, 5.2.1.7, 5.3.0.0, and 5.3.3.0 is vulnerable to a "zip slip" vulnerability which could allow a remote attacker to execute code using directory traversal techniques. | 7.8 |
| 2018-11-12 | CVE-2018-19197 | Path Traversal vulnerability in Xiaocms 20141229 An issue was discovered in XiaoCms 20141229. | 4.9 |
| 2018-11-11 | CVE-2018-19181 | Path Traversal vulnerability in Yunucms 1.1.5 statics/ueditor/php/vendor/Local.class.php in YUNUCMS 1.1.5 allows arbitrary file deletion via the statics/ueditor/php/controller.php?action=remove key parameter, as demonstrated by using directory traversal to delete the install.lock file. | 7.5 |
| 2018-11-09 | CVE-2018-19124 | Path Traversal vulnerability in Prestashop PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 on Windows allows remote attackers to write to arbitrary image files. | 7.5 |
| 2018-11-08 | CVE-2018-15450 | Path Traversal vulnerability in Cisco Prime Collaboration 12.1 A vulnerability in the web-based UI of Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to overwrite files on the file system. | 6.5 |
| 2018-11-07 | CVE-2018-19052 | Path Traversal vulnerability in multiple products An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. | 7.5 |
| 2018-11-06 | CVE-2018-16475 | Path Traversal vulnerability in Knight Project Knight 0.0.1 A Path Traversal in Knightjs versions <= 0.0.1 allows an attacker to read content of arbitrary files on a remote server. | 7.5 |