Total
6555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-0705 | 1 Cybozu | 1 Dezie | 2024-11-21 | 7.5 HIGH | 9.1 CRITICAL |
| Directory traversal vulnerability in Cybozu Dezie 8.0.2 to 8.1.2 allows remote attackers to read arbitrary files via HTTP requests. | |||||
| CVE-2018-0704 | 1 Cybozu | 1 Office | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 allows remote attackers to delete arbitrary files via Keitai Screen. | |||||
| CVE-2018-0703 | 1 Cybozu | 1 Office | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 allows remote attackers to delete arbitrary files via HTTP requests. | |||||
| CVE-2018-0702 | 1 Cybozu | 1 Mailwise | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in Cybozu Mailwise 5.0.0 to 5.4.5 allows remote attackers to delete arbitrary files via unspecified vectors. | |||||
| CVE-2018-0693 | 1 Soliton | 1 Filezen | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in FileZen V3.0.0 to V4.2.1 allows remote attackers to upload an arbitrary file in the specific directory in FileZen via unspecified vectors. | |||||
| CVE-2018-0673 | 1 Cybozu | 1 Garoon | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| Directory traversal vulnerability in Cybozu Garoon 3.5.0 to 4.6.3 allows authenticated attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2018-0660 | 1 Hibara | 1 Attachecase | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Directory traversal vulnerability in ver.2.8.4.0 and earlier and ver.3.3.0.0 and earlier allows an attacker to create arbitrary files via specially crafted ATC file. | |||||
| CVE-2018-0659 | 1 Hibara | 1 Attachecase | 2024-11-21 | 5.8 MEDIUM | 5.5 MEDIUM |
| Directory traversal vulnerability in ver.2.8.4.0 and earlier and ver.3.3.0.0 and earlier allows an attacker to create or overwrite existing files via specially crafted ATC file. | |||||
| CVE-2018-0646 | 1 Ponsoftware | 1 Explzh | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Directory traversal vulnerability in Explzh v.7.58 and earlier allows an attacker to read arbitrary files via unspecified vectors. | |||||
| CVE-2018-0617 | 1 Chama | 1 Memocgi | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in ChamaNet MemoCGI v2.1800 to v2.2200 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2018-0588 | 1 Ultimatemember | 1 User Profile \& Membership | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in the AJAX function of Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2018-0586 | 1 Ultimatemember | 1 User Profile \& Membership | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Directory traversal vulnerability in the shortcodes function of Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2018-0542 | 1 Webproxy Project | 1 Webproxy | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in WebProxy version 1.7.8 allows an attacker to read arbitrary files via unspecified vectors. | |||||
| CVE-2018-0525 | 1 Jubat | 1 Jubatus | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Directory traversal vulnerability in Jubatus 1.0.2 and earlier allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2018-0496 | 2 Debian, Dinknetwork | 3 Debian Linux, Dfarc, Dfarc2 | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
| Directory traversal issues in the D-Mod extractor in DFArc and DFArc2 (as well as in RTsoft's Dink Smallwood HD / ProtonSDK version) before 3.14 allow an attacker to overwrite arbitrary files on the user's system. | |||||
| CVE-2018-0464 | 1 Cisco | 1 Prime Data Center Network Manager | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| A vulnerability in Cisco Data Center Network Manager software could allow an authenticated, remote attacker to conduct directory traversal attacks and gain access to sensitive files on the targeted system. The vulnerability is due to improper validation of user requests within the management interface. An attacker could exploit this vulnerability by sending malicious requests containing directory traversal character sequences within the management interface. An exploit could allow the attacker to view or create arbitrary files on the targeted system. | |||||
| CVE-2018-0426 | 1 Cisco | 6 Rv110w Firmware, Rv110w Wireless-n Vpn Firewall, Rv130w and 3 more | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper validation of directory traversal character sequences within the web-based management interface. An attacker could exploit this vulnerability by sending malicious requests to the targeted device. A successful exploit could allow the attacker to gain access to arbitrary files on the affected device, resulting in the disclosure of sensitive information. | |||||
| CVE-2018-0420 | 1 Cisco | 1 Wireless Lan Controller Software | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the web-based interface of Cisco Wireless LAN Controller Software could allow an authenticated, remote attacker to view sensitive information. The issue is due to improper sanitization of user-supplied input in HTTP request parameters that describe filenames and pathnames. An attacker could exploit this vulnerability by using directory traversal techniques to submit a path to a desired file location. A successful exploit could allow the attacker to view system files on the targeted device, which may contain sensitive information. | |||||
| CVE-2018-0405 | 1 Cisco | 4 Rv180w, Rv180w Firmware, Rv220w and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to conduct a directory path traversal attack on a targeted device. The issue is due to improper sanitization of user-supplied input in HTTP request parameters that describe filenames. An attacker could exploit this vulnerability by using directory traversal techniques to submit a path to a desired file location. | |||||
| CVE-2018-0323 | 1 Cisco | 1 Network Functions Virtualization Infrastructure | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the web management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to conduct a path traversal attack on a targeted system. The vulnerability is due to insufficient validation of web request parameters. An attacker who has access to the web management interface of the affected application could exploit this vulnerability by sending a malicious web request to the affected device. A successful exploit could allow the attacker to access sensitive information on the affected system. Cisco Bug IDs: CSCvh99631. | |||||