Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2018-3726

Disclosure Date: June 07, 2018 (last updated November 26, 2024)
crud-file-server node module before 0.8.0 suffers from a Cross-Site Scripting vulnerability to a lack of validation of file names.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2018-3733

Disclosure Date: May 29, 2018 (last updated November 26, 2024)
crud-file-server node module before 0.9.0 suffers from a Path Traversal vulnerability due to incorrect validation of url, which allows a malicious user to read content of any file with known path.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0