1 results (0.005 seconds)
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2018-16518
https://notcve.org/view.php?id=CVE-2018-16518
05 Sep 2018 — A directory traversal vulnerability with remote code execution in Prim'X Zed! FREE through 1.0 build 186 and Zed! Limited Edition through 6.1 build 2208 allows creation of arbitrary files on a user's workstation using crafted ZED! containers because the watermark loading function can place an executable file into a Startup folder. Una vulnerabilidad de salto de directorio con ejecución remota de código en Prim'X Zed! • https://github.com/ponypot/cve/blob/master/zed_watermarkExtension.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •