|
251021
|
7.5 |
HIGH
Network
|
xtalk_project
|
xtalk
|
xtalk helps your browser talk to nodex, a simple web framework. xtalk is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
|
CWE-22
Path Traversal
|
CVE-2017-16091
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251022
|
7.5 |
HIGH
Network
|
fsk-server_project
|
fsk-server
|
fsk-server is a simple http server. fsk-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16090
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251023
|
7.5 |
HIGH
Network
|
serverlyr_project
|
serverlyr
|
serverlyr is a simple http server. serverlyr is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
|
CWE-22
Path Traversal
|
CVE-2017-16089
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251024
|
10.0 |
CRITICAL
Network
|
safe-eval_project
|
safe-eval
|
The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the…
|
NVD-CWE-noinfo
|
CVE-2017-16088
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251025
|
7.5 |
HIGH
Network
|
ua-parser_project
|
ua-parser
|
ua-parser is a port of Browserscope's user agent parser. ua-parser is vulnerable to a ReDoS (Regular Expression Denial of Service) attack when given a specially crafted UserAgent header.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-16086
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251026
|
7.5 |
HIGH
Network
|
tinyserver2_project
|
tinyserver2
|
tinyserver2 is a webserver for static files. tinyserver2 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
|
CWE-22
Path Traversal
|
CVE-2017-16085
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251027
|
7.5 |
HIGH
Network
|
list-n-stream_project
|
list-n-stream
|
list-n-stream is a server for static files to list and stream local videos. list-n-stream v0.0.10 or lower is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by…
|
CWE-22
Path Traversal
|
CVE-2017-16084
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251028
|
7.5 |
HIGH
Network
|
node-simple-router
|
node-simple-router
|
node-simple-router is a minimalistic router for Node. node-simple-router is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
|
CWE-22
Path Traversal
|
CVE-2017-16083
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251029
|
9.8 |
CRITICAL
Network
|
node-postgres
|
pg
|
A remote code execution vulnerability was found within the pg module when the remote database or query specifies a specially crafted column name. There are 2 likely scenarios in which one would likel…
|
CWE-94
Code Injection
|
CVE-2017-16082
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251030
|
7.5 |
HIGH
Network
|
cross-env.js_project
|
cross-env.js
|
cross-env.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
|
CWE-200
Information Exposure
|
CVE-2017-16081
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
