|
258021
|
7.5 |
HIGH
Network
|
serverzyy_project
|
serverzyy
|
serverzyy is a static file server. serverzyy is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16135
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258022
|
7.5 |
HIGH
Network
|
http_static_simple_project
|
http_static_simple
|
http_static_simple is an http server. http_static_simple is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16134
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258023
|
7.5 |
HIGH
Network
|
goserv_project
|
goserv
|
goserv is an http server. goserv is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16133
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258024
|
7.5 |
HIGH
Network
|
simple-npm-registry_project
|
simple-npm-registry
|
simple-npm-registry is a local npm package cache. simple-npm-registry is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16132
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258025
|
7.5 |
HIGH
Network
|
unicorn-list_project
|
unicorn-list
|
unicorn-list is a web framework. unicorn-list is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16131
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258026
|
7.5 |
HIGH
Network
|
exxxxxxxxxxx_project
|
exxxxxxxxxxx
|
exxxxxxxxxxx is an Http eX Frame Google Style JavaScript Guide. exxxxxxxxxxx is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Acc…
|
CWE-22
Path Traversal
|
CVE-2017-16130
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258027
|
5.9 |
MEDIUM
Network
|
superagent_project
|
superagent
|
The HTTP client module superagent is vulnerable to ZIP bomb attacks. In a ZIP bomb attack, the HTTP server replies with a compressed response that becomes several magnitudes larger once uncompressed.…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-16129
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258028
|
9.8 |
CRITICAL
Network
|
npm-script-demo_project
|
npm-script-demo
|
The module npm-script-demo opened a connection to a command and control server. It has been removed from the npm registry.
|
CWE-276
Incorrect Default Permissions
|
CVE-2017-16128
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258029
|
9.8 |
CRITICAL
Network
|
pandora-doomsday_project
|
pandora-doomsday
|
The module pandora-doomsday infects other modules. It's since been unpublished from the registry.
|
CWE-276
Incorrect Default Permissions
|
CVE-2017-16127
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258030
|
5.3 |
MEDIUM
Network
|
botbait_project
|
botbait
|
The module botbait is a tool to be used to track bot and automated tools usage with-in the npm ecosystem. botbait is known to record and track user information. The module tracks the following inform…
|
CWE-200
Information Exposure
|
CVE-2017-16126
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
