3 matches found
CVE-2017-16083
node-simple-router is a minimalistic router for Node. node-simple-router is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL...
CVE-2017-16083
node-simple-router is a minimalistic router for Node. node-simple-router is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL...
CVE-2017-16083
CVE-2017-16083 corresponds to a directory traversal vulnerability in node-simple-router. The affected package resolves relative file paths, allowing an attacker to access files outside the intended directory by crafting URLs such as ../…/… to disclose sensitive files. Public references (GHSA, NPM...