Lucene search
GoogleOSV:CVE-2018-18950HistoryNov 05, 2018 - 9:29 a.m.
CVE-2018-18950
2018-11-0509:29:00
Google
osv.dev
2
KindEditor through 4.1.11 has a path traversal vulnerability in php/upload_json.php. Anyone can browse a file or directory in the kindeditor/attached/ folder via the path parameter without authentication.
| CPE | Name | Operator | Version |
|---|---|---|---|
| kindeditor | eq | 4.1 | |
| kindeditor | eq | 4.1.6 | |
| kindeditor | eq | 4.1.9 | |
| kindeditor | eq | 4.1.3 | |
| kindeditor | eq | 4.1.11 | |
| kindeditor | eq | 4.1.5 | |
| kindeditor | eq | 4.1.10 | |
| kindeditor | eq | 4.1.4 | |
| kindeditor | eq | 4.1.2 | |
| kindeditor | eq | 4.1.1 |
Related
cvelist
cvelist
CVE-2018-18950
2022-10-03 16:22:03
prion
prion
Path traversal
2018-11-05 09:29:00
cve
cve
CVE-2018-18950
2022-10-03 16:22:03
veracode
veracode
Directory Traversal
2018-11-07 02:30:55
nvd
nvd
CVE-2018-18950
2018-11-05 09:29:00