1207 matches found
Cross-site Scripting (XSS) - Stored in crud-file-server
Versions of crud-file-server before 0.8.0 are vulnerable to stored cross-site scripting XSS. This is due to insufficient santiziation of filenames when directory index is served by crud-file-server. Recommendation Update to version 0.8.0 or later...
CVE-2016-9483
The PHP form code generated by PHP FormMail Generator deserializes untrusted input as part of the phpfmgfilmandownload function. A remote unauthenticated attacker may be able to use this vulnerability to inject PHP code, or along with CVE-2016-9484 to perform local file inclusion attacks and obta...
tmock Directory Traversal Vulnerability
tmock is a static file server. A directory traversal vulnerability exists in tmock. An attacker can exploit this vulnerability to gain access to the file system by placing a '... /' sequence in a URL to gain access to the file system...
nodeaaaaa Directory Traversal Vulnerability
nodeaaaaa is a static file server. A directory traversal vulnerability exists in nodeaaaaa. An attacker can gain access to the file system by placing a '... /' sequence in a URL to gain access to the file system...
Serverzyy Path Traversal Vulnerability
serverzyy is a static file server. A path traversal vulnerability exists in serverzyy. An attacker can exploit this vulnerability by placing a '... /' sequence in a URL to gain access to the file system...
liyujing path traversal vulnerability
liyujing is a static file server. A path traversal vulnerability exists in liyujing. An attacker can exploit this vulnerability by placing a '... /' sequence in the URL to gain access to the file system...
node-server-forfront path traversal vulnerability
node-server-forfront is a static file server. A path traversal vulnerability exists in node-server-forfront. An attacker can gain access to the file system by placing a '... /' sequence in a URL to gain access to the file system...
lab6.brit95 Path Traversal Vulnerability
lab6.brit95 is a file server. A path traversal vulnerability exists in lab6.brit95. An attacker can exploit this vulnerability to gain access to the file system by placing a '... /' sequence in a URL to gain access to the file system...
Welcomyzt Path Traversal Vulnerability
welcomyzt is a file server. A path traversal vulnerability exists in welcomyzt. An attacker could gain access to the file system by placing a '... /' sequence in a URL to gain access to the file system...
jikes path traversal vulnerability
jikes is a file server. A directory traversal vulnerability exists in jikes. An attacker can exploit this vulnerability to gain access to the file system by placing a '... /' sequence into a URL to gain access to the file system...
Path Traversal in Sprockets
Specially crafted requests can be used to access files that exist on the filesystem that is outside an application's root directory, when the Sprockets server is used in production. All users running an affected release should either upgrade or use one of the work arounds immediately. Workaround:...
crud-file-server node module cross-site scripting vulnerability
The crud-file-server node module is a file server that supports create, read, update and delete functions. A cross-site scripting vulnerability exists in crud-file-server node module versions prior to 0.8.0, which stems from the program's lack of file name validation. A remote attacker can exploi...
App Layering: How to force the ELM to use a specific SMB version for file servers
In the ELM, when connecting to a file share, we test all the SMB versions that we support, from top to bottom, until we get a successful login. We specifically try 3.02, 3.0, 2.1, 2.0 and 1.0, in that order, before giving up. An SMB server is supposed to return "Not Supported" when an attempt is...
ecstatic node module denial of service vulnerability
ecstatic node module is a http cooperative static file server middleware . A security vulnerability exists in ecstatic node module versions prior to 1.4.0. An attacker can exploit this vulnerability to cause a denial of service crash by sending input with the help of the If-Modified-Since packet...
peiserver directory traversal vulnerability
peiserver is a static file server. A directory traversal vulnerability exists in peiserver. An attacker can exploit this vulnerability by placing a '... /' sequence in a URL to gain access to the file system...
ltt directory traversal vulnerability
ltt is a static file server. A directory traversal vulnerability exists in ltt. An attacker can exploit this vulnerability by placing "... /" in a URL to access the file system...
lessindex directory traversal vulnerability
lessindex is a static file server. A directory traversal vulnerability exists in lessindex. An attacker can exploit this vulnerability by placing a '... /' sequence in the URL to gain access to the file system...
zjjserver directory traversal vulnerability
zjjserver is a static file server. A directory traversal vulnerability exists in zjjserver. An attacker can exploit this vulnerability by placing a '... /' sequence in a URL to gain access to the file system...
susu-sum Directory Traversal Vulnerability
susu-sum is a static file server. A directory traversal vulnerability exists in susu-sum. An attacker can exploit this vulnerability by placing a '... /' sequence in a URL to gain access to the file system...
qinserve Directory Traversal Vulnerability
qinserve is a static file server. A directory traversal vulnerability exists in qinserve. An attacker can exploit this vulnerability by placing "... /" in a URL to access the file system...