Total
5025 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-10057 | 2 Bfgminer, Cgminer Project | 2 Bfgminer, Cgminer | 2018-07-27 | 4.0 MEDIUM | 6.5 MEDIUM |
| The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions (absolute directory traversal). | |||||
| CVE-2018-8008 | 1 Apache | 1 Storm | 2018-07-20 | 5.8 MEDIUM | 5.5 MEDIUM |
| Apache Storm version 1.0.6 and earlier, 1.2.1 and earlier, and version 1.1.2 and earlier expose an arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive (affects other archives as well, bzip2, tar, xz, war, cpio, 7z), that holds path traversal filenames. So when the filename gets concatenated to the target extraction directory, the final path ends up outside of the target folder. | |||||
| CVE-2017-16038 | 1 F2e-server Project | 1 F2e-server | 2018-07-19 | 5.0 MEDIUM | 7.5 HIGH |
| `f2e-server` 1.12.11 and earlier is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. This is compounded by `f2e-server` requiring elevated privileges to run. | |||||
| CVE-2017-16198 | 1 Ritp Project | 1 Ritp | 2018-07-19 | 5.0 MEDIUM | 7.5 HIGH |
| ritp is a static web server. ritp is vulnerable to a directory traversal issue whereby an attacker can gain access to the file system by placing ../ in the URL. Access is restricted to files with a file extension, so files such as /etc/passwd are not accessible. | |||||
| CVE-2018-12042 | 1 Roxyfileman | 1 Roxy Fileman | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| Roxy Fileman through v1.4.5 has Directory traversal via the php/download.php f parameter. | |||||
| CVE-2018-12053 | 1 Schools Alert Management Script Project | 1 Schools Alert Management Script | 2018-07-17 | 6.4 MEDIUM | 7.5 HIGH |
| Arbitrary File Deletion exists in PHP Scripts Mall Schools Alert Management Script via the img parameter in delete_img.php by using directory traversal. | |||||
| CVE-2018-12054 | 1 Schools Alert Management Script Project | 1 Schools Alert Management Script | 2018-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| Arbitrary File Read exists in PHP Scripts Mall Schools Alert Management Script via the f parameter in img.php, aka absolute path traversal. | |||||
| CVE-2016-6614 | 1 Phpmyadmin | 1 Phpmyadmin | 2018-07-07 | 4.3 MEDIUM | 6.8 MEDIUM |
| An issue was discovered in phpMyAdmin involving the %u username replacement functionality of the SaveDir and UploadDir features. When the username substitution is configured, a specially-crafted user name can be used to circumvent restrictions to traverse the file system. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected. | |||||
| CVE-2018-11141 | 1 Quest | 1 Kace System Management Appliance | 2018-06-29 | 7.5 HIGH | 9.8 CRITICAL |
| The 'IMAGES_JSON' and 'attachments_to_remove[]' parameters of the '/adminui/advisory.php' script in the Quest KACE System Management Virtual Appliance 8.0.318 can be abused to write and delete files respectively via Directory Traversal. Files can be at any location where the 'www' user has write permissions. | |||||
| CVE-2018-11494 | 1 Opencart | 1 Opencart | 2018-06-29 | 6.0 MEDIUM | 8.0 HIGH |
| The "program extension upload" feature in OpenCart through 3.0.2.0 has a six-step process (upload, install, unzip, move, xml, remove) that allows attackers to execute arbitrary code if the remove step is skipped, because the attacker can discover a secret temporary directory name (containing 10 random digits) via a directory traversal attack involving language_info['code']. | |||||
| CVE-2018-11495 | 1 Opencart | 1 Opencart | 2018-06-29 | 4.0 MEDIUM | 4.9 MEDIUM |
| OpenCart through 3.0.2.0 allows directory traversal in the editDownload function in admin\model\catalog\download.php via admin/index.php?route=catalog/download/edit, related to the download_id. For example, an attacker can download ../../config.php. | |||||
| CVE-2018-11137 | 1 Quest | 1 Kace System Management Appliance | 2018-06-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| The 'checksum' parameter of the '/common/download_attachment.php' script in the Quest KACE System Management Appliance 8.0.318 can be abused to read arbitrary files with 'www' privileges via Directory Traversal. No administrator privileges are needed to execute this script. | |||||
| CVE-2018-10357 | 1 Trendmicro | 1 Endpoint Application Control | 2018-06-26 | 9.0 HIGH | 8.8 HIGH |
| A directory traversal vulnerability in Trend Micro Endpoint Application Control 2.0 could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw in the FileDrop servlet. Authentication is required to exploit this vulnerability. | |||||
| CVE-2018-11413 | 1 Bearadmin Project | 1 Bearadmin | 2018-06-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in BearAdmin 0.5. Remote attackers can download arbitrary files via /admin/databack/download.html?name= directory traversal sequences, as demonstrated by name=../application/database.php to read the MySQL credentials in the configuration. | |||||
| CVE-2018-11248 | 1 Liulishuo | 1 Filedownloader | 2018-06-20 | 7.5 HIGH | 9.8 CRITICAL |
| util/FileDownloadUtils.java in FileDownloader 1.7.3 does not check an attachment's name. If an attacker places "../" in the file name, the file can be stored in an unintended directory because of Directory Traversal. | |||||
| CVE-2015-4666 | 1 Xceedium | 1 Xsuite | 2018-06-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in opm/read_sessionlog.php in Xceedium Xsuite 2.4.4.5 and earlier allows remote attackers to read arbitrary files via a ....// (quadruple dot double slash) in the logFile parameter. | |||||
| CVE-2018-8003 | 1 Apache | 1 Ambari | 2018-06-13 | 5.0 MEDIUM | 5.3 MEDIUM |
| Apache Ambari, versions 1.4.0 to 2.6.1, is susceptible to a directory traversal attack allowing an unauthenticated user to craft an HTTP request which provides read-only access to any file on the filesystem of the host the Ambari Server runs on that is accessible by the user the Ambari Server is running as. Direct network access to the Ambari Server is required to issue this request, and those Ambari Servers that are protected behind a firewall, or in a restricted network zone are at less risk of being affected by this issue. | |||||
| CVE-2018-1000175 | 1 Jenkins | 1 Html Publisher | 2018-06-13 | 4.0 MEDIUM | 6.5 MEDIUM |
| A path traversal vulnerability exists in Jenkins HTML Publisher Plugin 1.15 and older in HtmlPublisherTarget.java that allows attackers able to configure the HTML Publisher build step to override arbitrary files on the Jenkins master. | |||||
| CVE-2018-7933 | 1 Huawei | 4 Hirouter-cd20, Hirouter-cd20 Firmware, Ws5200 and 1 more | 2018-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| Huawei home gateway products HiRouter-CD20 and WS5200 with the versions before HiRouter-CD20-10 1.9.6 and the versions before WS5200-10 1.9.6 have a path traversal vulnerability. Due to the lack of validation while these home gateway products install APK plugins, an attacker tricks a user into installing a malicious APK plugin, and plugin can overwrite arbitrary file of devices. Successful exploit may result in arbitrary code execution or privilege escalation. | |||||
| CVE-2015-1503 | 1 Icewarp | 1 Mail Server | 2018-06-12 | 7.8 HIGH | 7.5 HIGH |
| Multiple directory traversal vulnerabilities in IceWarp Mail Server before 11.2 allow remote attackers to read arbitrary files via a (1) .. (dot dot) in the file parameter to a webmail/client/skins/default/css/css.php page or .../. (dot dot dot slash dot) in the (2) script or (3) style parameter to webmail/old/calendar/minimizer/index.php. | |||||