5 matches found
Path Traversal in sapper
Versions of sapper prior to 0.27.11 are vulnerable to Path Traversal. It is possible to access sensitive files on the server through HTTP requests containing URL-encoded ../. You may test a sapper application running in prod mode with curl -vvv...
GHSA-F3VW-587G-R29G Path Traversal in sapper
Versions of sapper prior to 0.27.11 are vulnerable to Path Traversal. It is possible to access sensitive files on the server through HTTP requests containing URL-encoded ../. You may test a sapper application running in prod mode with curl -vvv...
Directory Traversal
Overview sapper is a framework for building high-performance universal web apps. Affected versions of this package are vulnerable to Directory Traversal. when serving /client/... files. PoC by Daniel Thompson: curl...
Path Traversal
Overview Versions of sapper prior to 0.27.11 are vulnerable to Path Traversal. It is possible to access sensitive files on the server through HTTP requests containing URL-encoded ../. You may test a sapper application running in prod mode with curl -vvv...
Node.js third-party modules: [sapper] Path Traversal
I would like to report a critical path traversal vunerability in the sapper module It allows an attacker to simply obain arbitrary files from the remote server, exploiting a simple path traversal using URL-encoded "../". Module module name: sapper version: 0.27.10 npm page:...