• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-22

CVE-2018-12306

February 26, 2023 by

Directory Traversal in File Explorer in ASUSTOR ADM version 3.1.1 allows attackers to view arbitrary files by modifying the “file1” URL parameter, a similar issue to CVE-2018-11344.

CVE-2018-12309

February 26, 2023 by

Directory Traversal in upload.cgi in ASUSTOR ADM version 3.1.1 allows attackers to upload files to arbitrary locations by modifying the “path” URL parameter. NOTE: the “filename” POST parameter is covered by CVE-2018-11345.

CVE-2018-12314

February 26, 2023 by

Directory Traversal in downloadwallpaper.cgi in ASUSTOR ADM version 3.1.1 allows attackers to download arbitrary files by manipulating the “file” and “folder” URL parameters.

CVE-2018-1211

February 26, 2023 by

Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain a path traversal vulnerability in its Web server’s URI parser which could be used to obtain specific sensitive data without authentication. A remote unauthenticated attacker may be able to read configuration settings from the iDRAC by querying specific URI strings.

CVE-2018-12036

February 26, 2023 by

OWASP Dependency-Check before 3.2.0 allows attackers to write to arbitrary files via a crafted archive that holds directory traversal filenames.

CVE-2018-1204

February 26, 2023 by

Dell EMC Isilon OneFS versions between 8.1.0.0 – 8.1.0.1, 8.0.1.0 – 8.0.1.2, and 8.0.0.0 – 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a path traversal vulnerability in the isi_phone_home tool. A malicious compadmin may potentially exploit this vulnerability to execute arbitrary code with root privileges.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 156
  • Go to page 157
  • Go to page 158
  • Go to page 159
  • Go to page 160
  • Interim pages omitted …
  • Go to page 514
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE