Show filters
9 Total Results
Displaying 1-9 of 9
Sort by:
Attacker Value
Unknown

CVE-2021-40668

Disclosure Date: June 09, 2022 (last updated October 07, 2023)
The Android application HTTP File Server (Version 1.4.1) by 'slowscript' is affected by a path traversal vulnerability that permits arbitrary directory listing, file read, and file write.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-23797

Disclosure Date: December 17, 2021 (last updated October 07, 2023)
All versions of package http-server-node are vulnerable to Directory Traversal via use of --path-as-is.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-29596

Disclosure Date: December 21, 2020 (last updated February 22, 2025)
MiniWeb HTTP server 0.8.19 allows remote attackers to cause a denial of service (daemon crash) via a long name for the first parameter in a POST request.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2013-4743

Disclosure Date: December 27, 2019 (last updated November 27, 2024)
Static HTTP Server 1.0 has a Local Overflow
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-15600

Disclosure Date: December 18, 2019 (last updated November 27, 2024)
A Path traversal exists in http_server which allows an attacker to read arbitrary system files.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-5458

Disclosure Date: July 30, 2019 (last updated November 27, 2024)
Cross-site scripting (XSS) vulnerability in http-file-server (all versions) allows an attacker with access to the server file system to execute arbitrary JavaScript code in victim's browser.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2019-5457

Disclosure Date: July 30, 2019 (last updated November 27, 2024)
Cross-site scripting (XSS) vulnerability in min-http-server (all versions) allows an attacker with access to the server file system to execute arbitrary JavaScript code in victim's browser.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2019-5447

Disclosure Date: July 15, 2019 (last updated November 27, 2024)
A path traversal vulnerability in <= v0.2.6 of http-file-server npm module allows attackers to list files in arbitrary folders.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2018-3713

Disclosure Date: June 07, 2018 (last updated November 26, 2024)
angular-http-server node module suffers from a Path Traversal vulnerability due to lack of validation of possibleFilename, which allows a malicious user to read content of any file with known path.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0