• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-22

CVE-2018-16961

February 26, 2023 by

An issue was discovered in Open XDMoD through 7.5.0. html/gui/general/dl_publication.php allows Path traversal via the file parameter, allowing remote attackers to read PDF files in arbitrary directories.

CVE-2018-16968

February 26, 2023 by

Citrix ShareFile StorageZones Controller before 5.4.2 allows Directory Traversal.

CVE-2018-16858

February 26, 2023 by

It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the LibreOffice install location.

CVE-2018-16819

February 26, 2023 by

admin/index.php in Monstra CMS 3.0.4 allows arbitrary file deletion via id=filesmanager&path=uploads/…….//./…….//./&delete_file= requests.

CVE-2018-16820

February 26, 2023 by

admin/index.php in Monstra CMS 3.0.4 allows arbitrary directory listing via id=filesmanager&path=uploads/…….//./…….//./ requests.

CVE-2018-16831

February 26, 2023 by

Smarty before 3.1.33-dev-4 allows attackers to bypass the trusted_dir protection mechanism via a file:./../ substring in an include statement.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 138
  • Go to page 139
  • Go to page 140
  • Go to page 141
  • Go to page 142
  • Interim pages omitted …
  • Go to page 514
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE