3 matches found
Directory Traversal
angular-http-server is vulnerable to directory traversal attacks. A malicious can send a curl request such as curl --path-as-is 'http://127.0.0.1:6060//etc/passwd' to gain access to sensitive files on the server. This vulnerability is related to CVE-2018-3713...
CVE-2018-3713
angular-http-server node module suffers from a Path Traversal vulnerability due to lack of validation of possibleFilename, which allows a malicious user to read content of any file with known path...
CVE-2018-3713
angular-http-server node module suffers from a Path Traversal vulnerability due to lack of validation of possibleFilename, which allows a malicious user to read content of any file with known path...