CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

OSV•added 2018/07/23 10:48 p.m.•16 views

GHSA-VCQG-CMV3-WJ57 Directory Traversal in rtcmulticonnection-client

Affected versions of rtcmulticonnection-client resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable...

7.5CVSS7.4AI score0.02005EPSS

Exploits1References5

Github Security Blog•added 2018/07/23 10:48 p.m.•17 views

Directory Traversal in rtcmulticonnection-client

7.5CVSS7.1AI score0.02005EPSS

Exploits1References4Affected Software1

CNVD•added 2018/06/20 12:0 a.m.•1 views

rtcmulticonnection-client path traversal vulnerability

rtcmulticonnection-client is a signaling implementation of RTCMultiConnection.js based on Node.js and Scoket.io. A path traversal vulnerability exists in rtcmulticonnection-client. An attacker can exploit this vulnerability by placing a '... /' sequence in a URL to gain access to the file system...

7.5CVSS7.6AI score0.02005EPSS

Exploits1References1

Veracode•added 2018/06/07 8:28 a.m.•12 views

Directory Traversal

rtcmulticonnection-client is vulnerable to directory traversal attacks. These attacks are possible by requesting a url such as /..%2f..%2fetc/passwd to get sensitive information...

7.5CVSS7.3AI score0.02005EPSS

Exploits1References2Affected Software1

OSV•added 2018/06/07 2:29 a.m.•4 views

CVE-2017-16125

rtcmulticonnection-client is a signaling implementation for RTCMultiConnection.js, a multi-session manager. rtcmulticonnection-client is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

7.5CVSS5.8AI score0.02005EPSS

Exploits1References2

Prion•added 2018/06/07 2:29 a.m.•13 views

Directory traversal

5CVSS7.5AI score0.02005EPSS

Exploits1References2Affected Software1

CVE•added 2018/06/07 2:0 a.m.•54 views

CVE-2017-16125

rtcmulticonnection-client is vulnerable to directory traversal via URLs containing ../../.. sequences, enabling access to files outside the intended directory. This vulnerability is documented across CVE-2017-16125 entries and related advisories (GHSA, OSV, CNVD, CNVD variants). The root cause is...

7.5CVSS7.4AI score0.02005EPSS

Exploits1References2Affected Software1

Node.js•added 2017/06/28 8:50 p.m.•23 views

Directory Traversal

Overview Affected versions of rtcmulticonnection-client resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the...

5CVSS4.6AI score0.02005EPSS

Exploits1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by