|
258701
|
9.8 |
CRITICAL
Network
|
static-eval_project
|
static-eval
|
The static-eval module is intended to evaluate statically-analyzable expressions. In affected versions, untrusted user input is able to access the global function constructor, effectively allowing ar…
|
CWE-20
Improper Input Validation
|
CVE-2017-16226
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258702
|
7.5 |
HIGH
Network
|
aegir_project
|
aegir
|
aegir is a module to help automate JavaScript project management. Version 12.0.0 through and including 12.0.7 bundled and published to npm the user (that performed a aegir-release) GitHub token.
|
CWE-200
Information Exposure
|
CVE-2017-16225
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258703
|
7.5 |
HIGH
Network
|
nodeaaaaa_project
|
nodeaaaaa
|
nodeaaaaa is a static file server. nodeaaaaa is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16223
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258704
|
5.3 |
MEDIUM
Network
|
elding_project
|
elding
|
elding is a simple web server. elding is vulnerable to a directory traversal issue, allowing an attacker to access the filesystem by placing "../" in the url. The files accessible, however, are limit…
|
CWE-22
Path Traversal
|
CVE-2017-16222
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258705
|
7.5 |
HIGH
Network
|
yzt_project
|
yzt
|
yzt is a simple file server. yzt is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16221
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258706
|
7.5 |
HIGH
Network
|
wind-mvc_project
|
wind-mvc
|
wind-mvc is an mvc framework. wind-mvc is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16220
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258707
|
7.5 |
HIGH
Network
|
yttivy_project
|
yttivy
|
yttivy is a static file server. yttivy is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16219
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258708
|
6.1 |
MEDIUM
Network
|
st_project
|
st
|
st is a module for serving static files. An attacker is able to craft a request that results in an HTTP 301 (redirect) to an entirely different domain. A request for: http://some.server.com//nodesecu…
|
CWE-601
Open Redirect
|
CVE-2017-16224
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258709
|
7.5 |
HIGH
Network
|
dgard8.lab6_project
|
dgard8.lab6
|
dgard8.lab6 is a static file server. dgard8.lab6 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16218
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258710
|
7.5 |
HIGH
Network
|
webrtc-experiment
|
fbr-client
|
fbr-client sends files through sockets via socket.io and webRTC. fbr-client is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16217
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
