3 matches found
CVE-2018-16478
CVE-2018-16478 affects the Python-like HTTP server module simplehttpserver, version ≤ 0.2.1. The root cause is a path traversal vulnerability that allows a URL to navigate via symlinks, enabling an attacker to list files outside the web root (information disclosure). Documented impact: informati...
CVE-2018-3716
CVE-2018-3716 affects the simplehttpserver Node.js module. The vulnerability is a stored XSS in directory listings caused by lack of validation/sanitization of file names fed into HTML output. Exploitation requires an attacker-controlled filename in the listing; the XSS payload is reflected in th...
CVE-2018-3787
The CVE-2018-3787 vulnerability affects the Python-based simplehttpserver project. Affected versions are prior to 0.2.1, where the server concatenates the requested URL path to the web root, enabling path traversal and the listing of arbitrary server files. Impact described across multiple source...