What is CVE-2018-9118?

CVE-2018-9118 is a vulnerability in N/a. Published 2018-04-12.

Is CVE-2018-9118 known to be exploited?

4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2018-9118

exports/download.php in the 99 Robots WP Background Takeover Advertisements plugin before 4.1.5 for WordPress has Directory Traversal via a .. in the filename parameter.

EPSS: 0.713 (98.7th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

20142995/nuclei-templates
ARPSyndicate/cve-scores
ARPSyndicate/cvemon
ARPSyndicate/kenzer-templates

References

44417 (exploit, x_refsource_EXPLOIT-DB)
wpvulndb.com/vulnerabilities/9056 (x_refsource_MISC)
99robots.com/docs/wp-background-takeover-advertisements/ (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2018-9118?: CVE-2018-9118 is a vulnerability in N/a. Published 2018-04-12.
Is CVE-2018-9118 known to be exploited?: 4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.