Geddy <13.0.8 - Local File Inclusion

Geddy prior to version 13.0.8 contains a directory traversal vulnerability in lib/app/index.js that allows remote attackers to read arbitrary files via a ..%2f dot dot encoded slash in the PATHINFO to the default URI. id: CVE-2015-5688 info: name: Geddy 13.0.8 - Local File Inclusion author:...

Microctfs - Small CTF Challenges Running On Docker

Small CTF challenges running on Docker logviewer Build and Start logviewer challenge exposed on port 8000 cd logviewer docker build -t logviewer . docker run -d -p 8000:80 --name logchallenge logviewer Restart logviewer challenge docker rm -f logchallenge && docker run -d -p 8000:80 --name...

GHSA-333X-9VGQ-V2J4 Directory Traversal in geddy

Versions 13.0.8 and earlier of geddy are vulnerable to a directory traversal attack via URI encoded attack vectors. Proof of Concept http://localhost:4000/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd Recommendation Update geddy to version = 13.0.8...

scotch-blog (>=0.1.0 <=0.1.7) potentially affected by CVE-2015-5688 via geddy (>=0.8.14 <=0.9.18)

geddy NPM version =0.8.14, =0.1.0, =0.1.7 Source cves: CVE-2015-5688 Source advisory: OSV:GHSA-333X-9VGQ-V2J4...

Directory Traversal in geddy

Versions 13.0.8 and earlier of geddy are vulnerable to a directory traversal attack via URI encoded attack vectors. Proof of Concept http://localhost:4000/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd Recommendation Update geddy to version = 13.0.8...

Directory Traversal

Overview Versions 13.0.8 and earlier of geddy are vulnerable to a directory traversal attack via URI encoded attack vectors. Proof of Concept http://localhost:4000/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd Recommendation Update geddy to version =...

Joyent Node.js Geddy Directory Traversal Vulnerability

Joyent Node.js is the United States Joyent company's set of web applications built on Google V8 JavaScript engine on top of the platform. Geddy is one of the front-end framework. A directory traversal vulnerability exists in the lib/app/index.js file in Joyent Node.js Geddy 13.0.7 and earlier...

CVE-2015-5688

Directory traversal vulnerability in lib/app/index.js in Geddy before 13.0.8 for Node.js allows remote attackers to read arbitrary files via a ..%2f dot dot encoded slash in the PATHINFO to the default URI...

Directory traversal

Directory traversal vulnerability in lib/app/index.js in Geddy before 13.0.8 for Node.js allows remote attackers to read arbitrary files via a ..%2f dot dot encoded slash in the PATHINFO to the default URI...

CVE-2015-5688

Geddy (Node.js framework) prior to version 13.0.8 contains a directory traversal vulnerability in lib/app/index.js that allows an attacker to read arbitrary files by supplying a URI PATH_INFO with a dot-dot-encoded slash (e.g., ..%2f). Exploitation targets the default URI and can read local files...

CVE-2015-5688

Directory traversal vulnerability in lib/app/index.js in Geddy before 13.0.8 for Node.js allows remote attackers to read arbitrary files via a ..%2f dot dot encoded slash in the PATHINFO to the default URI...