Show filters
5 Total Results
Displaying 1-5 of 5
Sort by:
Attacker Value
Unknown

CVE-2019-25087

Disclosure Date: December 27, 2022 (last updated February 24, 2025)
A vulnerability was found in RamseyK httpserver. It has been rated as critical. This issue affects the function ResourceHost::getResource of the file src/ResourceHost.cpp of the component URI Handler. The manipulation of the argument uri leads to path traversal: '../filedir'. The attack may be initiated remotely. The name of the patch is 1a0de56e4dafff9c2f9c8f6b130a764f7a50df52. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216863.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-5480

Disclosure Date: September 03, 2019 (last updated November 27, 2024)
A path traversal vulnerability in <= v0.9.7 of statichttpserver npm module allows attackers to list files in arbitrary folders.
0
0
Attacker Value
Unknown

CVE-2018-16478

Disclosure Date: December 04, 2018 (last updated November 27, 2024)
A Path Traversal in simplehttpserver versions <=0.2.1 allows to list any file in another folder of web root.
0
0
Attacker Value
Unknown

CVE-2018-3787

Disclosure Date: August 31, 2018 (last updated November 27, 2024)
Path traversal in simplehttpserver <v0.2.1 allows listing any file on the server.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2018-3716

Disclosure Date: June 07, 2018 (last updated November 26, 2024)
simplehttpserver node module suffers from a Cross-Site Scripting vulnerability to a lack of validation of file names.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0