3 matches found
CVE-2021-23797
All versions of package http-server-node are vulnerable to Directory Traversal via use of --path-as-is...
UBUNTU-CVE-2021-23797
All versions of package http-server-node are vulnerable to Directory Traversal via use of --path-as-is...
Directory Traversal
Overview http-server-node is a simple, zero-configuration command-line http server Affected versions of this package are vulnerable to Directory Traversal via use of --path-as-is. PoC curl -s --path-as-is http://127.0.0.1:3000/../sensitive-file.txt Details A Directory Traversal attack also known ...