Lucene search
K

6 matches found

Nuclei
Nuclei
added 15 hours ago85 views

MKdocs 1.2.2 - Directory Traversal

The MKdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain sensitive information. Note the vendor has disputed the vulnerability see references because the dev server must be used in an unsafe way namely public to have this...

7.5CVSS7AI score0.14759EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2021-40978

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mkdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain :sensitive information. NOTE: the...

7.5CVSS7.7AI score0.14759EPSS
Exploits2References2
vulnersOsv
vulnersOsv
added 2021/10/12 6:48 p.m.5 views

mkdocs-protobuf (>=0.0.1 <=0.0.8), mkdocs-semos-plugin (>=0.1.1 <=0.1.3) +1 more potentially affected by CVE-2021-40978 via mkdocs (=1.2.2)

mkdocs PYPI version =1.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on mkdocs and may be impacted: - mkdocs-protobuf =0.0.1, =0.1.1, =0.1.1, =0.1.5 Source cves: CVE-2021-40978 Source advisory: OSV:GHSA-QH9Q-34H6-HCV9...

7.5CVSS7.1AI score0.14759EPSS
Exploits2
OSV
OSV
added 2021/10/07 2:15 p.m.6 views

CVE-2021-40978

The mkdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain :sensitive information. NOTE: the vendor has disputed this as described in https://github.com/mkdocs/mkdocs/issues/2601. and https://github.com/nisdn/CVE-2021-40978/issues/1...

7.5CVSS7.4AI score0.14759EPSS
Exploits2References4
CVE
CVE
added 2021/10/07 1:23 p.m.144 views

CVE-2021-40978

The CVE-2021-40978 issue affects MkDocs 1.2.2 with its built-in dev-server, where directory traversal is possible on port 8000, allowing remote disclosure of sensitive information. Some sources note vendor dispute and that exploitation requires unsafe use (e.g., public exposure). The Nuclei templ...

7.5CVSS7.4AI score0.14759EPSS
Exploits2References4Affected Software1
GithubExploit
GithubExploit
added 2021/10/04 1:36 a.m.215 views

Exploit for Path Traversal in Mkdocs

CVE-2021-40978 mkdocs built-in dev-server directory traversal...

7.5CVSS7.8AI score0.14759EPSS
Exploits2
Rows per page
Query Builder