Vulners
Lucene search
CVE-2018-18925
🗓️ 04 Nov 2018 06:00:00Reported by mitreType 
cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 142 Views🌐 WEB
| Reporter | Title | Published | Views | Family All 15 |
|---|---|---|---|---|
 | Exploit for Session Fixation in Gogs | 12 Sep 202117:57 | – | githubexploit |
| Exploit for Session Fixation in Gogs | 12 Sep 202117:57 | – | githubexploit |
 | Gogs Remote Code Execution Vulnerability | 6 Nov 201800:00 | – | cnvd |
 | CVE-2018-18925 | 4 Nov 201806:00 | – | cvelist |
 | EUVD-2022-3398 | 3 Oct 202520:07 | – | euvd |
 | Gogs (Go Git Service) 0.11.66 - Remote Code Execution | 22 Jun 202605:20 | – | nuclei |
 | CVE-2018-18925 | 4 Nov 201805:29 | – | nvd |
 | Gogs < 0.11.79 Multiple Vulnerabilities | 13 Nov 201800:00 | – | openvas |
 | CVE-2018-20303 | 20 Dec 201800:29 | – | osv |
| GHSA-9HXG-W7QF-HH93 Gogs Directory Traversal | 14 May 202201:37 | – | osv |
10
| Source | Link |
|---|---|
| github | www.github.com/gogs/gogs/issues/5469 |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| i_like_gogits | header | ../tmp/local-repo/[REPO_ID]/[FILENAME] | Directory traversal in session file lookup via crafted session cookie enabling access to unintended files and potential RCE when combined with uploaded malicious file. | CWE-384 |
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
17 Jun 2026 01:48Current
8.8High risk
Vulners AI Score8.8
CVSS 27.5
CVSS 39.8
EPSS0.31882