2 matches found
CVE-2018-3724
general-file-server node module suffers from a Path Traversal vulnerability due to lack of validation of currpath, which allows a malicious user to read content of any file with known path...
CVE-2018-3724
The CVE-2018-3724 entry maps to a path traversal in the Node.js module general-file-server. Publicly reported details show that lack of file-path sanitization (currpath) allows an attacker to read arbitrary files by crafting requests (for example, using ../ paths). Affected component is the gener...