Node.js third-party modules: [static-server-gx] Path Traversal allowing to read any files on the server

I would like to report path traversal vulnerability in module "static-server-gx" It allows an attacker to read any files even system files via this path traversal vulnerability. Module module name: static-server-gx version: 1.2.1 npm page: https://www.npmjs.com/package/static-server-gx Module...

M-Server Path Traversal Vulnerability

m-server is a small http static server . M-Server suffers from a path traversal vulnerability that arises from a failure of a network system or product to properly filter special elements in the path of a resource or file. An attacker could use this vulnerability to access locations outside of a...

M-Server Cross-Site Scripting Vulnerability

M-Server is a small http static server . M-Server suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...

node-srv path traversal vulnerability

node-srv is a static Node.js server with support for Heroku and Grunt.js. A path traversal vulnerability exists in node-srv, which stems from the program's lack of url checksums. An attacker can exploit this vulnerability to read the contents of an arbitrary file with a known path...

Directory Traversal

file-static-server is vulnerable to directory traversal attacks. The attack is possible by requesting a url such as /..%2f..%2fetc/passwd to get sensitive information...

Augustine Path Traversal Vulnerability

augustine is a static HTTP server used in Node.js. A path traversal vulnerability exists in augustine, which stems from the program's lack of url validation. The vulnerability can be exploited by sending a specially crafted GET request to read the contents of an arbitrary file with a known path...

mcstatic node module path traversal vulnerability (CNVD-2018-11446)

The mcstatic node module is a static server. A path traversal vulnerability exists in mcstatic node module, which stems from the program's lack of file path detection. An attacker can exploit this vulnerability to read the contents of an arbitrary file...

626 node module path traversal vulnerability

626 node module is a static server. A path traversal vulnerability exists in 626 node module, which stems from the program failing to filter the path of a requested file. An attacker could use this vulnerability to read the contents of an arbitrary file...

Calmquist.static-server Directory Traversal Vulnerability

calmquist.static-server is a static file server. A directory traversal vulnerability exists in calmquist.static-server. An attacker can exploit this vulnerability by placing ". /" in a URL to access the file system...

CVE-2017-16191

cypserver is a static file server. cypserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

CVE-2017-16165

calmquist.static-server is a static file server. calmquist.static-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

CVE-2017-16120

liyujing is a static file server. liyujing is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

CVE-2017-16134

httpstaticsimple is an http server. httpstaticsimple is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

Node.js third-party modules: [file-static-server] Path Traversal allows to read content of arbitrary file on the server

Hi Guys, There is Path Traversal vulnerability in file-static-server module, which allows to read arbitrary file from the remote server. Module file-static-server no description provided https://www.npmjs.com/package/file-static-server version: 1.0.2 Stats 0 downloads in the last day 3 downloads ...