Lucene search
K

6 matches found

Github Security Blog
Github Security Blog
added 2020/09/01 4:58 p.m.37 views

Directory Traversal in gaoxiaotingtingting

Affected versions of gaoxiaotingtingting resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system...

7.5CVSS7.1AI score0.02005EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2020/09/01 4:58 p.m.12 views

GHSA-QHF6-VQQ9-Q2P7 Directory Traversal in gaoxiaotingtingting

Affected versions of gaoxiaotingtingting resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system...

7.5CVSS7.4AI score0.02005EPSS
Exploits1References3
CNVD
CNVD
added 2018/06/28 12:0 a.m.2 views

gaoxiaotingtingting directory traversal vulnerability

The Node.js module gaoxiaotingtingting is an HTTP server. A directory traversal vulnerability exists in gaoxiaotingtingting. An attacker can exploit this vulnerability by placing ". /" in a url to access the file system...

7.5CVSS7.5AI score0.02005EPSS
Exploits1References1
NVD
NVD
added 2018/06/07 2:29 a.m.21 views

CVE-2017-16108

gaoxiaotingtingting is an HTTP server. gaoxiaotingtingting is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

7.5CVSS7.5AI score0.02005EPSS
Exploits1References2
CVE
CVE
added 2018/06/07 2:0 a.m.51 views

CVE-2017-16108

CVE-2017-16108 concerns the gaoxiaotingtingting HTTP server (Node.js module). The vulnerability is a directory traversal flaw that lets attackers access the filesystem by requesting URLs containing ../ (examples show traversal to parts like /../../etc/passwd). Public sources across multiple feeds...

7.5CVSS7.4AI score0.02005EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2018/06/07 2:0 a.m.24 views

CVE-2017-16108

gaoxiaotingtingting is an HTTP server. gaoxiaotingtingting is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

7.4AI score0.02005EPSS
Exploits1References2
Rows per page
Query Builder