Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-06 | CVE-2018-7092 | Path Traversal vulnerability in HP Intelligent Management Center 7.3 A potential security vulnerability has been identified in HPE Intelligent Management Center Platform (IMC Plat) 7.3 E0506P09. | 7.5 |
| 2018-08-05 | CVE-2018-14942 | Path Traversal vulnerability in Harmonicinc NSG 9000 Firmware Harmonic NSG 9000 devices allow remote authenticated users to conduct directory traversal attacks, as demonstrated by "POST /PY/EMULATION_GET_FILE" or "POST /PY/EMULATION_EXPORT" with FileName=../../../passwd in the POST data. | 8.8 |
| 2018-08-03 | CVE-2018-14927 | Path Traversal vulnerability in Matera Banco 1.0.0 Matera Banco 1.0.0 is vulnerable to path traversal (allowing access to system files outside the default application folder) via the /contingency/servlet/ServletFileDownload file parameter, related to /contingency/web/receiptQuery/receiptDisplay.jsp. | 5.3 |
| 2018-08-03 | CVE-2018-14912 | Path Traversal vulnerability in multiple products cgit_clone_objects in CGit before 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request. | 7.5 |
| 2018-08-02 | CVE-2018-14847 | Path Traversal vulnerability in Mikrotik Routeros MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface. | 9.1 |
| 2018-07-31 | CVE-2018-12939 | Path Traversal vulnerability in Seeddms A directory traversal flaw in SeedDMS (formerly LetoDMS and MyDMS) before 5.1.8 allows an authenticated attacker to write to (or potentially delete) arbitrary files via a .. | 6.5 |
| 2018-07-27 | CVE-2017-2595 | Path Traversal vulnerability in Redhat Jboss Enterprise Application Platform It was found that the log file viewer in Red Hat JBoss Enterprise Application 6 and 7 allows arbitrary file read to authenticated user via path traversal. | 6.5 |
| 2018-07-27 | CVE-2018-10862 | Path Traversal vulnerability in Redhat products WildFly Core before version 6.0.0.Alpha3 does not properly validate file paths in .war archives, allowing for the extraction of crafted .war archives to overwrite arbitrary files. | 5.5 |
| 2018-07-26 | CVE-2018-0617 | Path Traversal vulnerability in Chama Memocgi Directory traversal vulnerability in ChamaNet MemoCGI v2.1800 to v2.2200 allows remote attackers to read arbitrary files via unspecified vectors. | 7.5 |
| 2018-07-25 | CVE-2018-1002209 | Path Traversal vulnerability in Quazip Project Quazip QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. | 5.5 |