2 matches found
CVE-2017-16159
caolilinode is a simple file server. caolilinode is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...
CVE-2017-16159
CVE-2017-16159 affects the caolilinode Node.js package, where a directory traversal flaw allows an attacker to access the filesystem by manipulating URL paths (e.g., ../../). The root cause is improper handling of relative paths in the file-serving logic, enabling unauthorized disclosure of files...