Total
5025 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-20628 | 1 Charity Foundation Script Project | 1 Charity Foundation Script | 2019-03-25 | 5.0 MEDIUM | 7.5 HIGH |
| PHP Scripts Mall Charity Foundation Script 1 through 3 allows directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory. | |||||
| CVE-2019-6274 | 1 Gl-inet | 2 Gl-ar300m-lite, Gl-ar300m-lite Firmware | 2019-03-25 | 6.5 MEDIUM | 8.8 HIGH |
| Directory traversal vulnerability in storage_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to have unspecified impact via directory traversal sequences. | |||||
| CVE-2018-20629 | 1 Charity Donation Script Project | 1 Charity Donation Script | 2019-03-25 | 5.0 MEDIUM | 5.3 MEDIUM |
| PHP Scripts Mall Charity Donation Script readymadeb2bscript has directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory. | |||||
| CVE-2018-20630 | 1 Advance Crowdfunding Script Project | 1 Advance Crowdfunding Script | 2019-03-25 | 5.0 MEDIUM | 5.3 MEDIUM |
| PHP Scripts Mall Advance Crowdfunding Script 2.0.3 has directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory. | |||||
| CVE-2018-20631 | 1 Website Seller Script Project | 1 Website Seller Script | 2019-03-25 | 5.0 MEDIUM | 5.3 MEDIUM |
| PHP Scripts Mall Website Seller Script 2.0.5 allows full Path Disclosure via a request for an arbitrary image URL such as a .png file. | |||||
| CVE-2018-20638 | 1 Chartered Accountant \ | 1 Auditor Website Project | 2019-03-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory. | |||||
| CVE-2018-20643 | 1 Entrepreneur Job Portal Script Project | 1 Entrepreneur Job Portal Script | 2019-03-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory. | |||||
| CVE-2018-20626 | 1 Consumer Reviews Script Project | 1 Consumer Reviews Script | 2019-03-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| PHP Scripts Mall Consumer Reviews Script 4.0.3 has directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory. | |||||
| CVE-2018-20647 | 1 Car Rental Script Project | 1 Car Rental Script | 2019-03-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| PHP Scripts Mall Car Rental Script 2.0.8 has directory traversal via a direct request for a listing of an image directory such as an images/ directory. | |||||
| CVE-2018-20646 | 1 Basic B2b Script Project | 1 Basic B2b Script | 2019-03-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| PHP Scripts Mall Basic B2B Script 2.0.9 has has directory traversal via a direct request for a listing of an image directory such as an uploads/ directory. | |||||
| CVE-2009-2693 | 1 Apache | 1 Tomcat | 2019-03-25 | 5.8 MEDIUM | N/A |
| Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry. | |||||
| CVE-2007-5461 | 1 Apache | 1 Tomcat | 2019-03-25 | 3.5 LOW | N/A |
| Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag. | |||||
| CVE-2018-19512 | 1 Ens | 1 Webgalamb | 2019-03-22 | 9.0 HIGH | 7.2 HIGH |
| In Webgalamb through 7.0, a system/ajax.php "wgmfile restore" directory traversal vulnerability could lead to arbitrary code execution by authenticated administrator users, because PHP files are restored under the document root directory. | |||||
| CVE-2018-20635 | 1 Advance B2b Script Project | 1 Advance B2b Script | 2019-03-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| PHP Scripts Mall Advance B2B Script 2.1.4 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory. | |||||
| CVE-2018-11344 | 1 Asustor | 2 As6202t, As6202t Firmware | 2019-03-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A path traversal vulnerability in download.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to arbitrarily specify a file on the system to download via the file1 parameter. | |||||
| CVE-2018-16059 | 1 Endress | 2 Wirelesshart Fieldgate Swg70, Wirelesshart Fieldgate Swg70 Firmware | 2019-03-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices allow Directory Traversal via the fcgi-bin/wgsetcgi filename parameter. | |||||
| CVE-2018-1000801 | 2 Debian, Kde | 2 Debian Linux, Okular | 2019-03-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| okular version 18.08 and earlier contains a Directory Traversal vulnerability in function "unpackDocumentArchive(...)" in "core/document.cpp" that can result in Arbitrary file creation on the user workstation. This attack appear to be exploitable via he victim must open a specially crafted Okular archive. This issue appears to have been corrected in version 18.08.1 | |||||
| CVE-2018-11341 | 1 Asustor | 2 As6202t, As6202t Firmware | 2019-03-20 | 6.5 MEDIUM | 7.2 HIGH |
| Directory traversal in importuser.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to navigate the file system via the filename parameter. | |||||
| CVE-2017-8104 | 1 Mybb | 1 Mybb | 2019-03-19 | 5.0 MEDIUM | 5.3 MEDIUM |
| In MyBB before 1.8.11, the smilie module allows Directory Traversal via the pathfolder parameter. | |||||
| CVE-2018-12494 | 1 Publiccms | 1 Publiccms | 2019-03-18 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in PublicCMS V4.0.20180210. There is a "Directory Traversal" and "Arbitrary file read" vulnerability via an admin/cmsTemplate/content.html?path=../ URI. | |||||