Directory traversal

2018-06-0702:29:00

PRIOn knowledge base

www.prio-n.com

5.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.5%

JSON

dasafio is a web server. dasafio is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing “…/” in the url. File access is restricted to only .html files.

CPENameOperatorVersion
dasafioeq1.2.0

CPE	Name	Operator	Version
	dasafio	eq	1.2.0

References

github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/dasafio

nodesecurity.io/advisories/460