22 matches found
EUVD-2019-0280
Malware in sbrugna...
EUVD-2018-0218
Malware in sbrugna...
GHSA-CXMJ-QJV6-VX9P mcstatic directory traversal vulnerability
A server directory traversal vulnerability was found on node module mcstatic =0.0.20 that would allow an attack to access sensitive information in the file system by appending slashes in the URL path...
mcstatic directory traversal vulnerability
A server directory traversal vulnerability was found on node module mcstatic =0.0.20 that would allow an attack to access sensitive information in the file system by appending slashes in the URL path...
Directory Traversal
mcstatic is vulnerable to directory traversal. The vulnerability is possible because it does not handle the file name parameter properly, allowing the attacker to read arbitrary files on the target server by appending ../ in the file path...
CVE-2018-16482
A server directory traversal vulnerability was found on node module mcstatic =0.0.20 that would allow an attack to access sensitive information in the file system by appending slashes in the URL path...
CVE-2018-16482
A server directory traversal vulnerability was found on node module mcstatic =0.0.20 that would allow an attack to access sensitive information in the file system by appending slashes in the URL path...
CVE-2018-16482
A server directory traversal vulnerability was found on node module mcstatic =0.0.20 that would allow an attack to access sensitive information in the file system by appending slashes in the URL path...
CVE-2018-16482
mcstatic (Node.js module)
Path Traversal in mcstatic
All versions of mcstatic are vulnerable to path traversal. Recommendation No fix is currently available for this vulnerability. It is our recommendation to not install or use this module at this time...
GHSA-3R8F-GPHX-9M2C Path Traversal in mcstatic
All versions of mcstatic are vulnerable to path traversal. Recommendation No fix is currently available for this vulnerability. It is our recommendation to not install or use this module at this time...
mcstatic node module path traversal vulnerability (CNVD-2018-11446)
The mcstatic node module is a static server. A path traversal vulnerability exists in mcstatic node module, which stems from the program's lack of file path detection. An attacker can exploit this vulnerability to read the contents of an arbitrary file...
mcstatic node module path traversal vulnerability
The mcstatic node module is a static server. A path traversal vulnerability exists in mcstatic node module, which stems from the program's lack of file path filtering. An attacker can exploit this vulnerability to read the contents of an arbitrary file...
CVE-2018-3730
mcstatic node module suffers from a Path Traversal vulnerability due to lack of validation of filePath, which allows a malicious user to read content of any file with known path...
CVE-2018-3730
mcstatic node module suffers from a Path Traversal vulnerability due to lack of validation of filePath, which allows a malicious user to read content of any file with known path...
CVE-2018-3730
mcstatic node module suffers from a Path Traversal vulnerability due to lack of validation of filePath, which allows a malicious user to read content of any file with known path...
CVE-2018-3730
The CVE-2018-3730 entry concerns the mcstatic Node.js module, where a Path Traversal flaw arises from insufficient validation of the filePath, enabling reading of arbitrary server files. Public documents corroborate that all versions of mcstatic are affected and that exploitation is feasible via ...
PT-2018-16154 · Node.Js · Mcstatic
Name of the Vulnerable Software and Affected Versions: mcstatic versions all Description: The mcstatic node module has a Path Traversal issue due to the lack of validation of the filePath, allowing a malicious user to read the content of any file with a known path. Recommendations: For all...
Path Traversal
Overview All versions of mcstatic are vulnerable to path traversal. Recommendation No fix is currently available for this vulnerability. It is our recommendation to not install or use this module at this time. References - HackerOne Report - GitHub Advisory...
Directory Traversal
mcstatic is vulnerable to directory traversal attacks. The vulnerability exists due to the lack of sanitization of the file name from req.url, allowing malicious users to perform directory traversal attacks...