|
258181
|
7.5 |
HIGH
Network
|
expressjs
|
method-override
|
method-override is a module used by the Express.js framework to let you use HTTP verbs such as PUT or DELETE in places where the client doesn't support it. method-override is vulnerable to a regular …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-16136
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258182
|
7.5 |
HIGH
Network
|
serverzyy_project
|
serverzyy
|
serverzyy is a static file server. serverzyy is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16135
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258183
|
7.5 |
HIGH
Network
|
http_static_simple_project
|
http_static_simple
|
http_static_simple is an http server. http_static_simple is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16134
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258184
|
7.5 |
HIGH
Network
|
goserv_project
|
goserv
|
goserv is an http server. goserv is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16133
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258185
|
7.5 |
HIGH
Network
|
simple-npm-registry_project
|
simple-npm-registry
|
simple-npm-registry is a local npm package cache. simple-npm-registry is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16132
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258186
|
7.5 |
HIGH
Network
|
unicorn-list_project
|
unicorn-list
|
unicorn-list is a web framework. unicorn-list is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16131
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258187
|
7.5 |
HIGH
Network
|
exxxxxxxxxxx_project
|
exxxxxxxxxxx
|
exxxxxxxxxxx is an Http eX Frame Google Style JavaScript Guide. exxxxxxxxxxx is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Acc…
|
CWE-22
Path Traversal
|
CVE-2017-16130
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258188
|
5.9 |
MEDIUM
Network
|
superagent_project
|
superagent
|
The HTTP client module superagent is vulnerable to ZIP bomb attacks. In a ZIP bomb attack, the HTTP server replies with a compressed response that becomes several magnitudes larger once uncompressed.…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-16129
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258189
|
9.8 |
CRITICAL
Network
|
npm-script-demo_project
|
npm-script-demo
|
The module npm-script-demo opened a connection to a command and control server. It has been removed from the npm registry.
|
CWE-276
Incorrect Default Permissions
|
CVE-2017-16128
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258190
|
9.8 |
CRITICAL
Network
|
pandora-doomsday_project
|
pandora-doomsday
|
The module pandora-doomsday infects other modules. It's since been unpublished from the registry.
|
CWE-276
Incorrect Default Permissions
|
CVE-2017-16127
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
