• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-22

CVE-2018-19753

February 26, 2023 by

Tarantella Enterprise before 3.11 allows Directory Traversal.

CVE-2018-19748

February 26, 2023 by

app/plug/attachment/controller/admincontroller.php in SDCMS 1.6 allows reading arbitrary files via a /?m=plug&c=admin&a=index&p=attachment&root= directory traversal. The value of the root parameter must be base64 encoded (note that base64 encoding, instead of URL encoding, is very rare in a directory traversal attack vector).

CVE-2018-19666

February 26, 2023 by

The agent in OSSEC through 3.1.0 on Windows allows local users to gain NT AUTHORITYSYSTEM access via Directory Traversal by leveraging full access to the associated OSSEC server.

CVE-2018-19586

February 26, 2023 by

Silverpeas 5.15 through 6.0.2 is affected by an authenticated Directory Traversal vulnerability that can be triggered during file uploads because core/webapi/upload/FileUploadData.java mishandles a StringUtil.java call. This vulnerability enables regular users to write arbitrary files on the underlying system with privileges of the user running the application. Especially, an attacker may leverage the vulnerability to write an executable JSP file in an exposed web directory to execute commands on the underlying system.

CVE-2018-19512

February 26, 2023 by

In Webgalamb through 7.0, a system/ajax.php “wgmfile restore” directory traversal vulnerability could lead to arbitrary code execution by authenticated administrator users, because PHP files are restored under the document root directory.

CVE-2018-19365

February 26, 2023 by

The REST API in Wowza Streaming Engine 4.7.4.01 allows traversal of the directory structure and retrieval of a file via a remote, specifically crafted HTTP request.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 128
  • Go to page 129
  • Go to page 130
  • Go to page 131
  • Go to page 132
  • Interim pages omitted …
  • Go to page 514
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE