|
252281
|
9.8 |
CRITICAL
Network
|
npm-script-demo_project
|
npm-script-demo
|
The module npm-script-demo opened a connection to a command and control server. It has been removed from the npm registry.
|
CWE-276
Incorrect Default Permissions
|
CVE-2017-16128
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252282
|
9.8 |
CRITICAL
Network
|
pandora-doomsday_project
|
pandora-doomsday
|
The module pandora-doomsday infects other modules. It's since been unpublished from the registry.
|
CWE-276
Incorrect Default Permissions
|
CVE-2017-16127
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252283
|
5.3 |
MEDIUM
Network
|
botbait_project
|
botbait
|
The module botbait is a tool to be used to track bot and automated tools usage with-in the npm ecosystem. botbait is known to record and track user information. The module tracks the following inform…
|
CWE-200
Information Exposure
|
CVE-2017-16126
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252284
|
7.5 |
HIGH
Network
|
rtcmulticonnection-client_project
|
rtcmulticonnection-client
|
rtcmulticonnection-client is a signaling implementation for RTCMultiConnection.js, a multi-session manager. rtcmulticonnection-client is vulnerable to a directory traversal issue, giving an attacker …
|
CWE-22
Path Traversal
|
CVE-2017-16125
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252285
|
7.5 |
HIGH
Network
|
node-server-forfront_project
|
node-server-forfront
|
node-server-forfront is a simple static file server. node-server-forfront is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16124
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252286
|
7.5 |
HIGH
Network
|
welcomyzt_project
|
welcomyzt
|
welcomyzt is a simple file server. welcomyzt is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16123
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252287
|
7.5 |
HIGH
Network
|
cuciuci_project
|
cuciuci
|
cuciuci is a simple fileserver. cuciuci is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16122
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252288
|
7.5 |
HIGH
Network
|
datachannel-client_project
|
datachannel-client
|
datachannel-client is a signaling implementation for DataChannel.js. datachannel-client is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in t…
|
CWE-22
Path Traversal
|
CVE-2017-16121
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252289
|
7.5 |
HIGH
Network
|
liyujing_project
|
liyujing
|
liyujing is a static file server. liyujing is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16120
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252290
|
7.5 |
HIGH
Network
|
fresh_project
|
fresh
|
Fresh is a module used by the Express.js framework for HTTP response freshness testing. It is vulnerable to a regular expression denial of service when it is passed specially crafted input to parse. …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-16119
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
