• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-22

CVE-2018-19326

February 26, 2023 by

Zyxel VMG1312-B10D devices before 5.13(AAXA.8)C0 allow ../ Directory Traversal, as demonstrated by reading /etc/passwd.

CVE-2018-19328

February 26, 2023 by

LAOBANCMS 2.0 allows install/mysql_hy.php?riqi=../ Directory Traversal.

CVE-2018-19329

February 26, 2023 by

GreenCMS v2.3.0603 allows remote authenticated administrators to delete arbitrary files by modifying a base64-encoded pathname in an m=admin&c=media&a=delfilehandle&id= call, related to the m=admin&c=media&a=restorefile delete button.

CVE-2018-19228

February 26, 2023 by

An issue was discovered in LAOBANCMS 2.0. It allows arbitrary file deletion via ../ directory traversal in the admin/pic.php del parameter, as demonstrated by deleting install/install.txt to permit a reinstallation.

CVE-2018-19197

February 26, 2023 by

An issue was discovered in XiaoCms 20141229. admincontrollerdatabase.php allows arbitrary directory deletion via admin/index.php?c=database&a=import&paths[]=../ directory traversal.

CVE-2018-19181

February 26, 2023 by

statics/ueditor/php/vendor/Local.class.php in YUNUCMS 1.1.5 allows arbitrary file deletion via the statics/ueditor/php/controller.php?action=remove key parameter, as demonstrated by using directory traversal to delete the install.lock file.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 129
  • Go to page 130
  • Go to page 131
  • Go to page 132
  • Go to page 133
  • Interim pages omitted …
  • Go to page 514
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE