|
251871
|
6.1 |
MEDIUM
Network
|
sensiolabs
debian
|
symfony
debian_linux
|
An issue was discovered in Symfony 2.7.x before 2.7.38, 2.8.x before 2.8.31, 3.2.x before 3.2.14, and 3.3.x before 3.3.13. DefaultAuthenticationSuccessHandler or DefaultAuthenticationFailureHandler t…
|
CWE-601
Open Redirect
|
CVE-2017-16652
|
2024-11-21 12:16 |
2018-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251872
|
9.8 |
CRITICAL
Network
|
static-eval_project
|
static-eval
|
The static-eval module is intended to evaluate statically-analyzable expressions. In affected versions, untrusted user input is able to access the global function constructor, effectively allowing ar…
|
CWE-20
Improper Input Validation
|
CVE-2017-16226
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251873
|
7.5 |
HIGH
Network
|
aegir_project
|
aegir
|
aegir is a module to help automate JavaScript project management. Version 12.0.0 through and including 12.0.7 bundled and published to npm the user (that performed a aegir-release) GitHub token.
|
CWE-200
Information Exposure
|
CVE-2017-16225
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251874
|
7.5 |
HIGH
Network
|
nodeaaaaa_project
|
nodeaaaaa
|
nodeaaaaa is a static file server. nodeaaaaa is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16223
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251875
|
5.3 |
MEDIUM
Network
|
elding_project
|
elding
|
elding is a simple web server. elding is vulnerable to a directory traversal issue, allowing an attacker to access the filesystem by placing "../" in the url. The files accessible, however, are limit…
|
CWE-22
Path Traversal
|
CVE-2017-16222
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251876
|
7.5 |
HIGH
Network
|
yzt_project
|
yzt
|
yzt is a simple file server. yzt is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16221
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251877
|
7.5 |
HIGH
Network
|
wind-mvc_project
|
wind-mvc
|
wind-mvc is an mvc framework. wind-mvc is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16220
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251878
|
7.5 |
HIGH
Network
|
yttivy_project
|
yttivy
|
yttivy is a static file server. yttivy is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16219
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251879
|
6.1 |
MEDIUM
Network
|
st_project
|
st
|
st is a module for serving static files. An attacker is able to craft a request that results in an HTTP 301 (redirect) to an entirely different domain. A request for: http://some.server.com//nodesecu…
|
CWE-601
Open Redirect
|
CVE-2017-16224
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251880
|
7.5 |
HIGH
Network
|
dgard8.lab6_project
|
dgard8.lab6
|
dgard8.lab6 is a static file server. dgard8.lab6 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16218
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
