27 matches found
EUVD-2018-0314
Malware in sbrugna...
EUVD-2018-0340
Malware in sbrugna...
Open Redirect in hekto
Withdrawn: Duplicate of GHSA-qmm9-x5gr-4gfm...
GHSA-C5J4-VW9M-XC95 Open Redirect in hekto
Withdrawn: Duplicate of GHSA-qmm9-x5gr-4gfm...
GHSA-X26F-26QW-HHHX Path Traversal in hekto
Versions of hekto before 0.2.3 are vulnerable to path traversal. This allows a remote attacker to read content of arbitrary files. Recommendation Update to version 0.2.3 or later...
Path Traversal in hekto
Versions of hekto before 0.2.3 are vulnerable to path traversal. This allows a remote attacker to read content of arbitrary files. Recommendation Update to version 0.2.3 or later...
Open Redirect in hekto
Versions of hekto before 0.2.4 are vulnerable to open redirect when a domain name is used as part of the .html filename. Recommendation Update to version 0.2.4 or later...
GHSA-QMM9-X5GR-4GFM Open Redirect in hekto
Versions of hekto before 0.2.4 are vulnerable to open redirect when a domain name is used as part of the .html filename. Recommendation Update to version 0.2.4 or later...
hekto node module path traversal vulnerability
hekto node module is a module to support single page applications. A path traversal vulnerability exists in the hekto node module, which stems from the program's lack of file path filtering. An attacker can exploit this vulnerability to read the contents of an arbitrary file...
hekto node module path traversal vulnerability (CNVD-2018-16503)
hekto node module is a module to support single page applications. A path traversal vulnerability exists in the hekto node module because the program does not filter the path of the requested file. An attacker could use this vulnerability to read the contents of an arbitrary file...
CVE-2018-3725
hekto node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path...
CVE-2018-3725
hekto node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path...
Path traversal
hekto node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path...
CVE-2018-3725
CVE-2018-3725 describes a path-traversal vulnerability in the Node.js module hekto . The issue arises from inadequate validation of the requested file path, allowing a remote attacker to read arbitrary files on a server running hekto (e.g., via crafted URLs with traversal sequences). Several conn...
CVE-2018-3725
hekto node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path...
PT-2018-16149 · Node · Hekto
Name of the Vulnerable Software and Affected Versions: hekto versions prior to 0.2.3 Description: The hekto node module has a Path Traversal issue due to inadequate validation of file paths, allowing a malicious user to read the content of any file with a known path. This enables a remote attacke...
CVE-2018-3743
Open redirect in hekto =0.2.3 when target domain name is used as html filename on server...
Open redirect
Open redirect in hekto =0.2.3 when target domain name is used as html filename on server...
CVE-2018-3743
Open redirect in hekto =0.2.3 when target domain name is used as html filename on server...
CVE-2018-3743
CVE-2018-3743 affects the Node.js module hekto up to version 0.2.3, where processing of extensionless HTML can trigger an open redirect when a domain name appears in the filename. The vulnerability is confirmed across multiple sources (GhSA, NVD/NVD-listed, and public advisories) with explicit re...