CVE List by Type: Directory Traversal (Filtered by Published Year)

Explore CVEs related to Directory Traversal vulnerabilities, filtered by published year. This list is sorted by most recent disclosures first and supports filtering by CVSS and EPSS risk scores.

Includes the most recent vulnerability disclosures and trends, helping security teams quickly identify high-risk issues and exploitation likelihood.

You're viewing Directory Traversal CVEs published in 2018. View full CVE list

Showing 120 of 1719 results
«« First « Prev Page 1 / 86 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2018-18593 Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11. The vulnerabilities could allow Remote Directory Traversal and Remote Disclosure of Privileged Information 6.5 6.59% 2018-12-31 2026-06-16
CVE-2018-20610 imcat 4.4 allows directory traversal via the root/run/adm.php efile parameter. 4.9 1.90% 2018-12-30 2026-06-16
CVE-2018-20609 imcat 4.4 allows remote attackers to obtain potentially sensitive configuration information via the root/tools/adbug/check.php URI. 5.3 2.65% 2018-12-30 2026-06-16
CVE-2018-20608 imcat 4.4 allows remote attackers to read phpinfo output via the root/tools/adbug/binfo.php?phpinfo1 URI. 7.5 12.43% 2018-12-30 2026-06-16
CVE-2018-20607 imcat 4.4 allows remote attackers to obtain potentially sensitive debugging information via the root/tools/adbug/binfo.php URI. 5.3 2.65% 2018-12-30 2026-06-16
CVE-2018-20606 imcat 4.4 allows full path disclosure via a dev.php?tools-ipaddr&api=Pcoln&uip= URI. 7.5 2.61% 2018-12-30 2026-06-16
CVE-2018-20604 Lei Feng TV CMS (aka LFCMS) 3.8.6 allows Directory Traversal via crafted use of ..* in Template/edit/path URIs, as demonstrated by the admin.php?s=/Template/edit/path/*web*..*..*..*..*1.txt.html URI to read the 1.txt file. 4.9 1.37% 2018-12-30 2026-06-16
CVE-2018-20602 Lei Feng TV CMS (aka LFCMS) 3.8.6 allows full path disclosure via the /install.php?s=/1 URI. 7.5 1.29% 2018-12-30 2026-06-16
CVE-2018-14986 The Leagoo Z5C Android device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed app with a package name of com.android.messaging (versionCode=1000110, versionName=1.0.001, (android.20170630.092853-0)) containing an exported content provider named com.android.messaging.datamodel.MessagingContentProvider. Any app co-located on the device can read the most recent text message from each conversation. That is, for each pho 7.5 1.25% 2018-12-28 2026-06-16
CVE-2018-14984 The Leagoo Z5C Android device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed app with a package name of com.android.messaging (versionCode=1000110, versionName=1.0.001, (android.20170630.092853-0)) with an exported broadcast receiver app component named com.android.messaging.trackersender.TrackerSender. Any app co-located on the device, even one with no permissions, can send a broadcast intent with certain embedded 7.5 1.03% 2018-12-28 2026-06-16
CVE-2018-14979 The ASUS ZenFone 3 Max Android device with a build fingerprint of asus/US_Phone/ASUS_X008_1:7.0/NRD90M/US_Phone-14.14.1711.92-20171208:user/release-keys contains a pre-installed app with a package name of com.asus.loguploader (versionCode=1570000275, versionName=7.0.0.55_170515). This app contains an exported service app component named com.asus.loguploader.LogUploaderService that, when accessed with a particular action string, will write a bugreport (kernel log, logcat log, and the state of sys 4.7 0.41% 2018-12-28 2026-06-16
CVE-2018-20571 DamiCMS 6.0.1 allows remote attackers to read arbitrary files via a crafted admin.php?s=Tpl/Add/id request, as demonstrated by admin.php?s=Tpl/Add/id/.\Public\Config\config.ini.php to read the global configuration file. 7.5 1.37% 2018-12-28 2026-06-16
CVE-2018-20566 An issue was discovered in DouCo DouPHP 1.5 20181221. It allows full path disclosure in "Smarty error: unable to read resource" error messages for a crafted installation page. 5.3 1.29% 2018-12-28 2026-06-16
CVE-2018-20511 An issue was discovered in the Linux kernel before 4.18.11. The ipddp_ioctl function in drivers/net/appletalk/ipddp.c allows local users to obtain sensitive kernel address information by leveraging CAP_NET_ADMIN to read the ipddp_route dev and next fields via an SIOCFINDIPDDPRT ioctl call. 5.5 0.45% 2018-12-27 2026-06-16
CVE-2018-11741 NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session IDs that result in Account Information Disclosure via Home.htm?sessionId=#####&GOTO(8) URIs. 9.8 17.89% 2018-12-26 2026-06-16
CVE-2018-20483 set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file, which allows local users to obtain sensitive information (e.g., credentials contained in the URL) by reading this attribute, as demonstrated by getfattr. This also applies to Referer information in the user.xdg.referrer.url metadata attribute. According to 2016-07-22 in the Wget ChangeLog, user.xdg.origin.url was partia 7.8 0.66% 2018-12-26 2026-06-16
CVE-2018-20478 An issue was discovered in S-CMS 1.0. It allows reading certain files, such as PHP source code, via the admin/download.php DownName parameter with a mixed-case extension, as demonstrated by a DownName=download.Php value. 7.5 1.21% 2018-12-25 2026-06-16
CVE-2018-20463 An issue was discovered in the JSmol2WP plugin 1.07 for WordPress. There is an arbitrary file read vulnerability via ../ directory traversal in query=php://filter/resource= in the jsmol.php query string. This can also be used for SSRF. 7.5 13.08% 2018-12-25 2026-06-16
CVE-2018-20437 An issue was discovered in the fileDownload function in the CommonController class in FEBS-Shiro before 2018-11-05. An attacker can download a file via a request of the form /common/download?filename=1.jsp&delete=false. NOTE: the software maintainer disputes the significance of this report because the product uses a JAR archive for deployment, and this contains application.yml with configuration data 7.5 2.44% 2018-12-25 2026-06-16
CVE-2018-7835 An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in IIoT Monitor 3.1.38 which could allow access to files available to SYSTEM user. 7.5 1.76% 2018-12-24 2026-06-16
«« First « Prev Page 1 / 86 Next »
cvelogic Threat Intelligence