Node.js third-party modules: [servey] Path Traversal allows to retrieve content of any file with extension from remote server

Hi Team, I would like to report a partial Path Traversal in servey module. It allows to read content of any arbitrary file with extension from the server. Module module name: servey version: 2.2.0 npm page: https://www.npmjs.com/package/servey Module Description A static & single page application...

Node.js third-party modules: [bruteser] Path Traversal allows to read content of arbitrary file

I would like to report Path Traversal in bruteser module. It allows to read content of any arbitrary file from the server where bruteser is installed and run. Module module name: bruteser version: 0.0.2 npm page: https://www.npmjs.com/package/bruteser Module Description BruteSer - server can be...

Node.js third-party modules: [m-server] Path Traversal allows to display content of arbitrary file(s) from the server

I would like to report Path Traversal in m-server module. It allows to read content of any arbitrary file from the server where m-server is installed and run. Module module name: m-server version: 1.4.0 npm page: https://www.npmjs.com/package/m-server Module Description M-Server is a mini http...

NPM-V < 2.4.2 Password Leak and Reset Vulnerability - Active Check

NPM-V is prone to password leak and password reset vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

NPM-V (Network Power Manager) 2.4.1 - Password Reset

NPM-VNetwork Power Manager = 2.4.1 Reset Password Vulnerability Author: Saeed reza Zamanian penetrationtest @ Linkedin Product: NPM-V Affected Version : 2.4.1 and below Vendor : http://www.china-clever.com Product Link : http://www.china-clever.com/en/index.php/product?view=products&cid=125 Date:...

NPM-V (Network Power Manager) 2.4.1 - Password Reset

NPM-V Network Power Manager 2.4.1 - Password Reset NPM-VNetwork Power Manager = 2.4.1 Reset Password Vulnerability Author: Saeed reza Zamanian penetrationtest @ Linkedin Product: NPM-V Affected Version : 2.4.1 and below Vendor : http://www.china-clever.com Product Link :...

NPM-V (Network Power Manager) 2.4.1 Password Reset

NPM-VNetwork Power Manager = 2.4.1 Reset Password Vulnerability Author: Saeed reza Zamanian penetrationtest @ Linkedin Product: NPM-V Affected Version : 2.4.1 and below Vendor : http://www.china-clever.com Product Link : http://www.china-clever.com/en/index.php/product?view=products&cid=125 Date:...