Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-23 | CVE-2018-18586 | Path Traversal vulnerability in Kyzer Libmspack chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. | 5.3 |
| 2018-10-18 | CVE-2018-18485 | Path Traversal vulnerability in PHPshe 1.7 An issue was discovered in PHPSHE 1.7. | 7.5 |
| 2018-10-18 | CVE-2015-4632 | Path Traversal vulnerability in Koha Multiple directory traversal vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the template_path parameter to (1) svc/virtualshelves/search or (2) svc/members/search. | 7.5 |
| 2018-10-17 | CVE-2018-0420 | Path Traversal vulnerability in Cisco Wireless LAN Controller Software 8.2(151.0) A vulnerability in the web-based interface of Cisco Wireless LAN Controller Software could allow an authenticated, remote attacker to view sensitive information. | 6.5 |
| 2018-10-17 | CVE-2018-10822 | Path Traversal vulnerability in Dlink products Directory traversal vulnerability in the web interface on D-Link DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices allows remote attackers to read arbitrary files via a /.. | 7.5 |
| 2018-10-17 | CVE-2018-18434 | Path Traversal vulnerability in Litemall Project Litemall 0.9.0 An issue was discovered in litemall 0.9.0. | 7.5 |
| 2018-10-17 | CVE-2018-17899 | Path Traversal vulnerability in Lcds Laquis Scada 4.1/4.1.0.3391/4.1.0.3870 LAquis SCADA Versions 4.1.0.3870 and prior has a path traversal vulnerability, which may allow remote code execution. | 8.8 |
| 2018-10-15 | CVE-2018-15540 | Path Traversal vulnerability in Agentejo Cockpit Agentejo Cockpit performs actions on files without appropriate validation and therefore allows an attacker to traverse the file system to unintended locations and/or access arbitrary files, aka /media/api Directory Traversal. | 9.8 |
| 2018-10-15 | CVE-2018-1744 | Path Traversal vulnerability in IBM Security KEY Lifecycle Manager IBM Security Key Lifecycle Manager 2.5, 2.6, 2.7, and 3.0 could allow a remote attacker to traverse directories on the system. | 6.5 |
| 2018-10-15 | CVE-2018-18323 | Path Traversal vulnerability in Control-Webpanel Webpanel 0.9.8.480 CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Local File Inclusion via directory traversal with an admin/index.php?module=file_editor&file=/../ URI. | 7.5 |