|
251011
|
7.5 |
HIGH
Network
|
serverwg_project
|
serverwg
|
serverwg is a simple http server. serverwg is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
|
CWE-22
Path Traversal
|
CVE-2017-16101
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251012
|
9.8 |
CRITICAL
Network
|
dns-sync_project
|
dns-sync
|
dns-sync is a sync/blocking dns resolver. If untrusted user input is allowed into the resolve() method then command injection is possible.
|
CWE-77
Command Injection
|
CVE-2017-16100
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251013
|
7.5 |
HIGH
Network
|
no-case_project
|
no-case
|
The no-case module is vulnerable to regular expression denial of service. When malicious untrusted user input is passed into no-case it can block the event loop causing a denial of service condition.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-16099
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251014
|
7.5 |
HIGH
Network
|
charset_project
|
charset
|
charset 1.0.0 and below are vulnerable to regular expression denial of service. Input of around 50k characters is required for a slow down of around 2 seconds. Unless node was compiled using the -DHT…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-16098
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251015
|
7.5 |
HIGH
Network
|
tiny-http_project
|
tiny-http
|
tiny-http is a simple http server. tiny-http is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16097
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251016
|
7.5 |
HIGH
Network
|
serveryaozeyan_project
|
serveryaozeyan
|
serveryaozeyan is a simple HTTP server. serveryaozeyan is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
|
CWE-22
Path Traversal
|
CVE-2017-16096
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251017
|
7.5 |
HIGH
Network
|
serverliujiayi1_project
|
serverliujiayi1
|
serverliujiayi1 is a simple http server. serverliujiayi1 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
|
CWE-22
Path Traversal
|
CVE-2017-16095
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251018
|
7.5 |
HIGH
Network
|
iter-http_project
|
iter-http
|
iter-http is a server for static files. iter-http is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16094
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251019
|
7.5 |
HIGH
Network
|
cyber-js_project
|
cyber-js
|
cyber-js is a simple http server. A cyberjs server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16093
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251020
|
7.5 |
HIGH
Network
|
sencisho_project
|
sencisho
|
Sencisho is a simple http server for local development. Sencisho is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
|
CWE-22
Path Traversal
|
CVE-2017-16092
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
