Node.js third-party modules: [statichttpserver] List any file in the folder by using path traversal.

I would like to report Path Traversal in statichttpserver. It allows to list any file in another folder of web root. Module module name: statichttpserver version: 0.9.7 npm page: https://www.npmjs.com/package/statichttpserver Module Description 'statichttpserver' is inspired by SimpleHTTPServer.p...

Denial Of Service (DoS)

samba is vulnerable to denial of service. The Samba file server daemon did not properly handle certain files that were stored on the disk and used a valid Unicode character in the file name. An attacker able to send an authenticated non-Unicode request that attempted to read such a file could cau...

buttle npm package cross-site scripting vulnerability

buttle npm package is a static file server. A cross-site scripting vulnerability exists in version 0.2.0 of the buttle npm package, which stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...

Node.js third-party modules: [file-browser] Inadequate Output Encoding and Escaping

I would like to report stored xss in file-browser module It allows an attacker to embed malicious js code as filenames,which get executed once browsed to the file over the web browser Module module name: file-browser version: 0.0.5 npm page: https://www.npmjs.com/package/file-browser Module...

mIRC Remote Command Execution

Exploit Title: RCE on mIRC 7.55 using argument injection through custom URI protocol handlers Date: 18/02/2019 Exploit Author: https://twitter.com/proofofcalc/ Vendor Homepage: https://www.mirc.com Software Link: https://www.mirc.com/get.php Version: 7.55 Tested on: Windows CVE : CVE-2019-6453 RC...

mIRC < 7.55 - Remote Command Execution Using Argument Injection Through Custom URI Vulnerability

Exploit Title: RCE on mIRC 7.55 using argument injection through custom URI protocol handlers Date: 18/02/2019 Exploit Author: https://twitter.com/proofofcalc/ Vendor Homepage: https://www.mirc.com Software Link: https://www.mirc.com/get.php Version: 7.55 Tested on: Windows CVE : CVE-2019-6453 RC...

CVE-2018-11798

A flaw was found in the Node.js static web server in Apache Thrift, where it allowed a remote user to access files outside of the set web servers' docroot path. An attacker could use this flaw to possibly access unauthorized files and sensitive information...

Stored Cross-Site Scripting

Overview All versions of tianma-static are vulnerable to stored cross-site scripting XSS. The vulnerability is exploitable if a user can control the name of a file that is served by tianma-static Recommendation As no fix is available for this vulnerability at this time it is our recommendation to...

Path Traversal

Overview All versions of takeapeek are vulnerable to path traversal exposing files and directories. Recommendation As no fix is currently available for this vulnerability is it is our recommendation to use another static file server. References - HackerOne Report - Node.js Security-wg - GitHub...

Path Traversal in takeapeek

All versions of takeapeek are vulnerable to path traversal exposing files and directories. Recommendation As no fix is currently available for this vulnerability is it is our recommendation to use another static file server...

GHSA-23XP-J737-282V Path Traversal in takeapeek

All versions of takeapeek are vulnerable to path traversal exposing files and directories. Recommendation As no fix is currently available for this vulnerability is it is our recommendation to use another static file server...

Stored Cross-Site Scripting in tianma-static

All versions of tianma-static are vulnerable to stored cross-site scripting XSS. The vulnerability is exploitable if a user can control the name of a file that is served by tianma-static Recommendation As no fix is available for this vulnerability at this time it is our recommendation to use...

Directory Traversal in augustine

Affected versions of augustine resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system. Proof of...

Path Traversal in general-file-server

All versions of general-file-server are vulnerable to path traversal. Recommendation No fix is currently available for this vulnerability. It is our recommendation to not use this module until a fix has been provided...

GHSA-WV2F-3RXV-JQHP Path Traversal in general-file-server

All versions of general-file-server are vulnerable to path traversal. Recommendation No fix is currently available for this vulnerability. It is our recommendation to not use this module until a fix has been provided...

Directory Traversal in tmock

tmock is a static file server. tmock is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Example request: http GET /../../../../../../../../../../etc/passwd HTTP/1.1 host: localhost and server Response: http HTTP/1.1 200 OK Date:...

GHSA-J6W4-PG6P-5MRV Directory Traversal in tmock

tmock is a static file server. tmock is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Example request: http GET /../../../../../../../../../../etc/passwd HTTP/1.1 host: localhost and server Response: http HTTP/1.1 200 OK Date:...

Directory Traversal in intsol-package

intsol-package is a file server. intsol-package is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Example Request: http GET /../../../../../../../../../../etc/passwd HTTP/1.1 host:localhost and the server's Response http HTTP/1....

GHSA-VFP9-GWRH-WQ9G Path Traversal in crud-file-server

Versions of crud-file-server prior to 0.9.0 are vulnerable to Path Traversal. The package fails to sanitize URLs, allowing attackers to access server files outside of the served folder using relative paths. Recommendation Upgrade to version 0.9.0 or later...

Cross-site Scripting (XSS) - Stored in crud-file-server

Versions of crud-file-server before 0.8.0 are vulnerable to stored cross-site scripting XSS. This is due to insufficient santiziation of filenames when directory index is served by crud-file-server. Recommendation Update to version 0.8.0 or later...