Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-30 | CVE-2018-16237 | Path Traversal vulnerability in Damicms 6.0.1 An issue was discovered in damiCMS V6.0.1. | 2.7 |
| 2018-08-30 | CVE-2018-15745 | Path Traversal vulnerability in Argussurveillance DVR 4.0.0.0 Argus Surveillance DVR 4.0.0.0 devices allow Unauthenticated Directory Traversal, leading to File Disclosure via a ..%2F in the WEBACCOUNT.CGI RESULTPAGE parameter. | 7.5 |
| 2018-08-30 | CVE-2018-11720 | Path Traversal vulnerability in Xovis PC2 Firmware, Pc2R Firmware and PC3 Firmware Xovis PC2, PC2R, and PC3 devices through 3.6.0 allow Directory Traversal. | 7.5 |
| 2018-08-30 | CVE-2018-16141 | Path Traversal vulnerability in Thinkcmf Thinkcmfx X2.2.3 ThinkCMF X2.2.3 has an arbitrary file deletion vulnerability in do_avatar in \application\User\Controller\ProfileController.class.php via an imgurl parameter with a ..\ sequence. | 6.5 |
| 2018-08-29 | CVE-2018-16133 | Path Traversal vulnerability in Cybrotech Cybrohttpserver 1.0.3 Cybrotech CyBroHttpServer 1.0.3 allows Directory Traversal via a ../ in the URI. | 5.3 |
| 2018-08-27 | CVE-2018-15810 | Path Traversal vulnerability in Visiology Flipbox 2.0.0/2.6.0 Visiology Flipbox Software Suite before 2.7.0 allows directory traversal via %5c%2e%2e%2f because it does not sanitize filename parameters. | 7.5 |
| 2018-08-27 | CVE-2018-15695 | Path Traversal vulnerability in Asustor Data Master ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to delete any file on the file system due to a path traversal vulnerability in wallpaper.cgi. | 6.5 |
| 2018-08-27 | CVE-2018-15694 | Path Traversal vulnerability in Asustor Data Master ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to upload files to arbitrary locations due to a path traversal vulnerability. | 7.5 |
| 2018-08-24 | CVE-2018-15536 | Path Traversal vulnerability in Tecrail Responsive Filemanager /filemanager/ajax_calls.php in tecrail Responsive FileManager before 9.13.4 does not properly validate file paths in archives, allowing for the extraction of crafted archives to overwrite arbitrary files via an extract action, aka Directory Traversal. | 5.5 |
| 2018-08-24 | CVE-2018-15535 | Path Traversal vulnerability in Tecrail Responsive Filemanager /filemanager/ajax_calls.php in tecrail Responsive FileManager before 9.13.4 uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize get_file sequences such as ".." that can resolve to a location that is outside of that directory, aka Directory Traversal. | 7.5 |