Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-16 | CVE-2018-5755 | Path Traversal vulnerability in Open-Xchange Appsuite Absolute path traversal vulnerability in the readerengine component in Open-Xchange OX App Suite before 7.6.3-rev3, 7.8.x before 7.8.2-rev4, 7.8.3 before 7.8.3-rev5, and 7.8.4 before 7.8.4-rev4 allows remote attackers to read arbitrary files via a full pathname in a formula in a spreadsheet. | 5.5 |
| 2018-06-15 | CVE-2018-12494 | Path Traversal vulnerability in Publiccms 4.0.20180210 An issue was discovered in PublicCMS V4.0.20180210. | 6.5 |
| 2018-06-15 | CVE-2018-12493 | Path Traversal vulnerability in Publiccms 4.0.20180210 An issue was discovered in PublicCMS V4.0.20180210. | 6.5 |
| 2018-06-14 | CVE-2017-17309 | Path Traversal vulnerability in Huawei Hg255S-10 Firmware V100R001C163B025Sp02 Huawei HG255s-10 V100R001C163B025SP02 has a path traversal vulnerability due to insufficient validation of the received HTTP requests, a remote attacker may access the local files on the device without authentication. | 7.5 |
| 2018-06-12 | CVE-2018-0496 | Path Traversal vulnerability in multiple products Directory traversal issues in the D-Mod extractor in DFArc and DFArc2 (as well as in RTsoft's Dink Smallwood HD / ProtonSDK version) before 3.14 allow an attacker to overwrite arbitrary files on the user's system. | 7.5 |
| 2018-06-11 | CVE-2017-5381 | Path Traversal vulnerability in Mozilla Firefox The "export" function in the Certificate Viewer can force local filesystem navigation when the "common name" in a certificate contains slashes, allowing certificate content to be saved in unsafe locations with an arbitrary filename. | 7.5 |
| 2018-06-08 | CVE-2018-12054 | Path Traversal vulnerability in Schools Alert Management Script Project Schools Alert Management Script Arbitrary File Read exists in PHP Scripts Mall Schools Alert Management Script via the f parameter in img.php, aka absolute path traversal. | 7.5 |
| 2018-06-08 | CVE-2018-12053 | Path Traversal vulnerability in Schools Alert Management Script Project Schools Alert Management Script Arbitrary File Deletion exists in PHP Scripts Mall Schools Alert Management Script via the img parameter in delete_img.php by using directory traversal. | 7.5 |
| 2018-06-07 | CVE-2018-12042 | Path Traversal vulnerability in Roxyfileman Roxy Fileman Roxy Fileman through v1.4.5 has Directory traversal via the php/download.php f parameter. | 7.5 |
| 2018-06-07 | CVE-2018-12031 | Path Traversal vulnerability in Eaton Intelligent Power Manager 1.6 Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/node_upgrade_srv.js directory traversal with the firmware parameter in a downloadFirmware action. | 9.8 |