EUVD-2018-0268

Malware in sbrugna...

GHSA-G7J3-P357-CW8P Directory Traversal in f2e-server

Affected versions of f2e-server resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system. Example...

Directory Traversal in f2e-server

Affected versions of f2e-server resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system. Example...

f2e-server path traversal vulnerability

f2e-server is an HTTP server based on the Node.js platform . A path traversal vulnerability exists in f2e-server version 1.12.11 and earlier. An attacker can exploit this vulnerability by placing a '... /' sequence into a URL to gain access to the file system...

CVE-2017-16038

f2e-server 1.12.11 and earlier is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. This is compounded by f2e-server requiring elevated privileges to run...

CVE-2017-16038

f2e-server 1.12.11 and earlier is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. This is compounded by f2e-server requiring elevated privileges to run...

Directory traversal

f2e-server 1.12.11 and earlier is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. This is compounded by f2e-server requiring elevated privileges to run...

CVE-2017-16038

CVE-2017-16038 concerns the f2e-server project: versions 1.12.11 and earlier suffer a directory traversal vulnerability in URL path handling, allowing an attacker to access files outside the intended root by inserting ../../ in the request. The issue arises from insufficient validation of user-su...

CVE-2017-16038

f2e-server 1.12.11 and earlier is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. This is compounded by f2e-server requiring elevated privileges to run...

Directory Traversal

f2e-server is vulnerable to directory traversal attacks. The attacks exist because it does not validate the user requested URL path, allowing an attacker access to any files on the server by sending GET request containing ../...

Directory Traversal

Overview Affected versions of f2e-server resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system...