Total
7067 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-25059 | 1 Pastebinit Project | 1 Pastebinit | 2024-11-21 | 3.5 Low |
| A vulnerability was found in pastebinit up to 0.2.2 and classified as problematic. Affected by this issue is the function pasteHandler of the file server.go. The manipulation of the argument r.URL.Path leads to path traversal. Upgrading to version 0.2.3 is able to address this issue. The name of the patch is 1af2facb6d95976c532b7f8f82747d454a092272. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-217040. | ||||
| CVE-2018-25046 | 1 Cloudfoundry | 1 Archiver | 2024-11-21 | 9.1 Critical |
| Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory. | ||||
| CVE-2018-20795 | 1 Tecrail | 1 Responsive Filemanager | 2024-11-21 | N/A |
| tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary files via path traversal with the path parameter, through the copy_cut action in ajax_calls.php and the paste_clipboard action in execute.php. | ||||
| CVE-2018-20794 | 1 Tecrail | 1 Responsive Filemanager | 2024-11-21 | N/A |
| tecrail Responsive FileManager 9.13.4 allows remote attackers to write to an arbitrary image file (jpg/jpeg/png) via path traversal with the path parameter, through the save_img action in ajax_calls.php. | ||||
| CVE-2018-20793 | 1 Tecrail | 1 Responsive Filemanager | 2024-11-21 | N/A |
| tecrail Responsive FileManager 9.13.4 allows remote attackers to write to an arbitrary file as a consequence of a paths[0] path traversal mitigation bypass, through the create_file action in execute.php. | ||||
| CVE-2018-20792 | 1 Tecrail | 1 Responsive Filemanager | 2024-11-21 | N/A |
| tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary file via path traversal with the path parameter, through the get_file action in ajax_calls.php. | ||||
| CVE-2018-20790 | 1 Tecrail | 1 Responsive Filemanager | 2024-11-21 | N/A |
| tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary file as a consequence of a paths[0] path traversal mitigation bypass through the delete_file action in execute.php. | ||||
| CVE-2018-20789 | 1 Tecrail | 1 Responsive Filemanager | 2024-11-21 | N/A |
| tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary directory as a consequence of a paths[0] path traversal mitigation bypass through the delete_folder action in execute.php. | ||||
| CVE-2018-20769 | 1 Xerox | 58 Workcentre 3655, Workcentre 3655 Firmware, Workcentre 3655i and 55 more | 2024-11-21 | N/A |
| An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is a Local File Inclusion vulnerability. | ||||
| CVE-2018-20714 | 1 Woocommerce | 1 Woocommerce | 2024-11-21 | N/A |
| The logging system of the Automattic WooCommerce plugin before 3.4.6 for WordPress is vulnerable to a File Deletion vulnerability. This allows deletion of woocommerce.php, which leads to certain privilege checks not being in place, and therefore a shop manager can escalate privileges to admin. | ||||
| CVE-2018-20647 | 1 Car Rental Script Project | 1 Car Rental Script | 2024-11-21 | N/A |
| PHP Scripts Mall Car Rental Script 2.0.8 has directory traversal via a direct request for a listing of an image directory such as an images/ directory. | ||||
| CVE-2018-20646 | 1 Basic B2b Script Project | 1 Basic B2b Script | 2024-11-21 | N/A |
| PHP Scripts Mall Basic B2B Script 2.0.9 has has directory traversal via a direct request for a listing of an image directory such as an uploads/ directory. | ||||
| CVE-2018-20643 | 1 Entrepreneur Job Portal Script Project | 1 Entrepreneur Job Portal Script | 2024-11-21 | N/A |
| PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory. | ||||
| CVE-2018-20638 | 1 Chartered Accountant \ | 1 Auditor Website Project | 2024-11-21 | N/A |
| PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory. | ||||
| CVE-2018-20635 | 1 Advance B2b Script Project | 1 Advance B2b Script | 2024-11-21 | N/A |
| PHP Scripts Mall Advance B2B Script 2.1.4 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory. | ||||
| CVE-2018-20631 | 1 Website Seller Script Project | 1 Website Seller Script | 2024-11-21 | N/A |
| PHP Scripts Mall Website Seller Script 2.0.5 allows full Path Disclosure via a request for an arbitrary image URL such as a .png file. | ||||
| CVE-2018-20630 | 1 Advance Crowdfunding Script Project | 1 Advance Crowdfunding Script | 2024-11-21 | N/A |
| PHP Scripts Mall Advance Crowdfunding Script 2.0.3 has directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory. | ||||
| CVE-2018-20629 | 1 Charity Donation Script Project | 1 Charity Donation Script | 2024-11-21 | N/A |
| PHP Scripts Mall Charity Donation Script readymadeb2bscript has directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory. | ||||
| CVE-2018-20628 | 1 Charity Foundation Script Project | 1 Charity Foundation Script | 2024-11-21 | N/A |
| PHP Scripts Mall Charity Foundation Script 1 through 3 allows directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory. | ||||
| CVE-2018-20626 | 1 Consumer Reviews Script Project | 1 Consumer Reviews Script | 2024-11-21 | N/A |
| PHP Scripts Mall Consumer Reviews Script 4.0.3 has directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory. | ||||