Lucene search
K

531 matches found

NVD
NVD
added 2018/06/07 2:29 a.m.27 views

CVE-2018-3718

serve node module suffers from Improper Handling of URL Encoding by permitting access to ignored files if a filename is URL encoded...

5.3CVSS5.2AI score0.01316EPSS
Exploits1References1
OSV
OSV
added 2018/06/07 2:29 a.m.19 views

CVE-2018-3718

serve node module suffers from Improper Handling of URL Encoding by permitting access to ignored files if a filename is URL encoded...

5.3CVSS5.6AI score
Exploits0References1
Prion
Prion
added 2018/06/07 2:29 a.m.15 views

Code injection

serve node module suffers from Improper Handling of URL Encoding by permitting access to ignored files if a filename is URL encoded...

5CVSS5.2AI score0.01316EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/06/07 2:0 a.m.34 views

CVE-2017-16224

st is a module for serving static files. An attacker is able to craft a request that results in an HTTP 301 redirect to an entirely different domain. A request for: http://some.server.com//nodesecurity.org/%2e%2e would result in a 301 to //nodesecurity.org/%2e%2e which most browsers treat as a...

6.2AI score0.00879EPSS
Exploits1References1
CVE
CVE
added 2018/06/07 2:0 a.m.54 views

CVE-2018-3718

CVE-2018-3718 affects the serve node module and is caused by improper handling of URL encoding, which can permit access to ignored/restricted files when a filename is URL encoded. Connected advisories/documentation (GHSA-5RC4-8QQH-VQ7F; OSV, NVD/CVE record) describe this as a directory traversal-...

5.3CVSS5.1AI score0.01316EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/06/07 2:0 a.m.26 views

CVE-2018-3718

serve node module suffers from Improper Handling of URL Encoding by permitting access to ignored files if a filename is URL encoded...

5.2AI score0.01316EPSS
Exploits1References1
CVE
CVE
added 2018/04/13 4:0 p.m.71 views

CVE-2017-0370

CVE-2017-0370 relates to MediaWiki and is caused by a failure of the spam blacklist to block encoded URLs in the file inclusion syntax’s link parameter. Affected software is MediaWiki versions prior to 1.28.1, 1.27.2, and 1.23.16. The impact is that encoded URLs can bypass the blacklist, potentia...

5.3CVSS5.5AI score0.01429EPSS
Exploits0References3Affected Software1
Hacker One
Hacker One
added 2018/01/24 7:2 p.m.35 views

Node.js third-party modules: [serve] Directory listing and File access even when they have been set to be ignored.

Module: - Name: serve - Version: latest 6.4.9 - Link: https://www.npmjs.com/package/serve Description: The serve modules allows directory browsing and to serve static files through the browser. The config option ignore can be used to tell the module which file or directory are forbidden and shoul...

5CVSS5AI score0.01316EPSS
Exploits1
Veracode
Veracode
added 2018/01/11 5:40 a.m.25 views

Cross-site Scripting (XSS)

Apache Sling XSS is vulnerable to cross-site scripting XSS attacks. The application does not properly encode or escape URLs, allowing a malicious user to inject and execute arbitrary Javascript...

6.1CVSS5.8AI score0.0291EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2018/01/10 2:29 p.m.16 views

Code injection

A flaw in the way URLs are escaped and encoded in the org.apache.sling.xss.impl.XSSAPIImplgetValidHref and org.apache.sling.xss.impl.XSSFilterImplisValidHref allows special crafted URLs to pass as valid, although they carry XSS payloads. The affected versions are Apache Sling XSS Protection API...

4.3CVSS5.8AI score0.0291EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2018/01/10 2:0 p.m.77 views

CVE-2017-15717

CVE-2017-15717 involves a flaw in URL escaping/encoding in the Apache Sling XSS Protection API. The issue resides in org.apache.sling.xss.impl.XSSAPIImpl#getValidHref and org.apache.sling.xss.impl.XSSFilterImpl#isValidHref, allowing specially crafted URLs to pass as valid despite carrying XSS pay...

6.1CVSS5.8AI score0.0291EPSS
Exploits0References1Affected Software2
Hacker One
Hacker One
added 2017/11/19 9:27 p.m.988 views

Valve: Link filter protection bypass

Description Hi, there is a protection bypass in the linkfilter function. By using the character 。 %E3%80%82 url encoded instead of a normal dot in urls, it is possible to bypass the blocking. PoC Normal request : https://steamcommunity.com/linkfilter/?url=pornhub.com F240919 Bypass :...

0.4AI score
Exploits0
Hacker One
Hacker One
added 2017/07/24 8:14 a.m.23 views

Starbucks: Reflected XSS on https://www.starbucks.co.uk/shop/paymentmethod/ (bypass for 227486)

Hi guys, I am now able to prove my concerns from 227486 see my last comment. "s are still not correctly encoded when rendered into the page in the element on almost any https://starbucks.co.uk/ page. The WAF is bypassed by encoding "s as %2522 in the URL path. This won't work when the payload is...

0.3AI score
Exploits0
Prion
Prion
added 2017/05/05 6:29 p.m.19 views

Cross site scripting

An issue was discovered on Accellion FTA devices before FTA912180. There is XSS in courier/1000@/index.html with the authparams parameter. The device tries to use internal WAF filters to stop specific XSS Vulnerabilities. However, these can be bypassed by using some modifications to the payloads,...

4.3CVSS6AI score0.01122EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2017/05/05 6:29 p.m.19 views

CVE-2017-8760

An issue was discovered on Accellion FTA devices before FTA912180. There is XSS in courier/1000@/index.html with the authparams parameter. The device tries to use internal WAF filters to stop specific XSS Vulnerabilities. However, these can be bypassed by using some modifications to the payloads,...

6.1CVSS6.1AI score0.01122EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/05/05 6:0 p.m.24 views

CVE-2017-8760

An issue was discovered on Accellion FTA devices before FTA912180. There is XSS in courier/1000@/index.html with the authparams parameter. The device tries to use internal WAF filters to stop specific XSS Vulnerabilities. However, these can be bypassed by using some modifications to the payloads,...

6.1AI score0.01122EPSS
Exploits1References1
NVD
NVD
added 2017/05/03 10:59 a.m.17 views

CVE-2016-10367

In Opsview Monitor Pro Prior to 5.1.0.162300841, prior to 5.0.2.27475, prior to 4.6.4.162391051, and 4.5.x without a certain 2016 security patch, an unauthenticated Directory Traversal vulnerability can be exploited by issuing a specially crafted HTTP GET request utilizing a simple URL encoding...

7.5CVSS7.6AI score0.16109EPSS
Exploits1References1
Prion
Prion
added 2017/05/03 10:59 a.m.12 views

Directory traversal

In Opsview Monitor Pro Prior to 5.1.0.162300841, prior to 5.0.2.27475, prior to 4.6.4.162391051, and 4.5.x without a certain 2016 security patch, an unauthenticated Directory Traversal vulnerability can be exploited by issuing a specially crafted HTTP GET request utilizing a simple URL encoding...

5CVSS7.2AI score0.16109EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2017/02/01 10:59 p.m.11 views

CVE-2016-5953

IBM Sterling Order Management transmits the session identifier within the URL. When a user is unable to view a certain view due to not being allowed permissions, the website responds with an error page where the session identifier is encoded as Base64 in the URL...

4.3CVSS3.9AI score0.00842EPSS
Exploits0References2
myhack58
myhack58
added 2016/11/12 12:0 a.m.492 views

The use of Python code implementing the Web application of the injection-vulnerability warning-the black bar safety net

Vulnerability overview If your Web application exists in the Python code injection vulnerability, the attacker can use your Web applications to your back-end server of the Python parser to send malicious Python code. This also means that if you can on the target server execute Python code, you ca...

8AI score
Exploits0
Rows per page
Query Builder