HTTP File Server <2.3c - Remote Command Execution

HTTP File Server before 2.3c is susceptible to remote command execution. The findMacroMarker function in parserLib.pas allows an attacker to execute arbitrary programs via a %00 sequence in a search action. Therefore, an attacker can obtain sensitive information, modify data, and/or gain full...

Rejetto HTTP File Server - Template injection

This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. id: CVE-2024-23692 info: name: Rejetto HTTP File Server - Template injection author: johnk3r severity: critical description: | This...

Exploit for Code Injection in Rejetto Http_File_Server

Optimum --- Optimum – Hack The Box Writeup Overview I...

CVE-2023-4118

A vulnerability, which was classified as problematic, was found in Cute Http File Server 2.0. This affects an unknown part of the component Search. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may ...

EUVD-2008-0418

Malware in sbrugna...

EUVD-2008-0416

Malware in sbrugna...

EUVD-2019-0582

Malware in sbrugna...

EUVD-2008-0417

Malware in sbrugna...

EUVD-2014-7098

Malware in sbrugna...

EUVD-2008-0415

Malware in sbrugna...

EUVD-2019-0574

Malware in sbrugna...

EUVD-2008-0419

Malware in sbrugna...

EUVD-2008-0420

Malware in sbrugna...

EUVD-2023-54004

Malicious code in bioql PyPI...

EUVD-2025-29526

Malicious code in bioql PyPI...

CVE-2024-52793

The Deno Standard Library provides APIs for Deno and the Web. Prior to version 1.0.11, http/file-server's serveDir with showDirListing: true option is vulnerable to cross-site scripting when the attacker is a user who can control file names in the source directory on systems with POSIX file names...

CVE-2024-26566

An issue in Cute Http File Server v.3.1 allows a remote attacker to escalate privileges via the password verification component...

CVE-2019-5447

A path traversal vulnerability in = v0.2.6 of http-file-server npm module allows attackers to list files in arbitrary folders...

Rejetto HTTP File Server 2.3m - Remote Code Execution (RCE)

Exploit Title: Rejetto HTTP File Server 2.3m - Remote Code Execution RCE Fofa Dork: "HttpFileServer" && server=="HFS 2.3m" Date: 2024-09-22 Exploit Author: VeryLazyTech GitHub: https://github.com/verylazytech/CVE-2024-23692 Vendor Homepage: http://rejetto.com/hfs/ Software Link:...

Exploit for Code Injection in Rejetto Http_File_Server

This is a PoC exploit for CVE-2024-23692, a remote code executio...