Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2018-06-07 CVE-2018-3727 Path Traversal vulnerability in 626 Project 626 1.1.1
626 node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path.
network
low complexity
626-project CWE-22
7.5
2018-06-07 CVE-2018-3725 Path Traversal vulnerability in Hekto Project Hekto 0.2.0
hekto node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path.
network
low complexity
hekto-project CWE-22
7.5
2018-06-07 CVE-2018-3724 Path Traversal vulnerability in General-File-Server Project General-File-Server
general-file-server node module suffers from a Path Traversal vulnerability due to lack of validation of currpath, which allows a malicious user to read content of any file with known path.
network
low complexity
general-file-server-project CWE-22
7.5
2018-06-07 CVE-2018-3715 Path Traversal vulnerability in Glance Project Glance
glance node module before 3.0.4 suffers from a Path Traversal vulnerability due to lack of validation of path passed to it, which allows a malicious user to read content of any file with known path.
network
low complexity
glance-project CWE-22
6.5
2018-06-07 CVE-2018-3714 Path Traversal vulnerability in Node-Srv Project Node-Srv
node-srv node module suffers from a Path Traversal vulnerability due to lack of validation of url, which allows a malicious user to read content of any file with known path.
network
low complexity
node-srv-project CWE-22
6.5
2018-06-07 CVE-2018-3713 Path Traversal vulnerability in Angular-Http-Server Project Angular-Http-Server
angular-http-server node module suffers from a Path Traversal vulnerability due to lack of validation of possibleFilename, which allows a malicious user to read content of any file with known path.
network
low complexity
angular-http-server-project CWE-22
6.5
2018-06-07 CVE-2018-3712 Path Traversal vulnerability in Zeit Serve
serve node module before 6.4.9 suffers from a Path Traversal vulnerability due to not handling %2e (.) and %2f (/) and allowing them in paths, which allows a malicious user to view the contents of any directory with known path.
network
low complexity
zeit CWE-22
6.5
2018-06-07 CVE-2017-16223 Path Traversal vulnerability in Nodeaaaaa Project Nodeaaaaa
nodeaaaaa is a static file server.
network
low complexity
nodeaaaaa-project CWE-22
7.5
2018-06-07 CVE-2017-16222 Path Traversal vulnerability in Elding Project Elding 1.0.0
elding is a simple web server.
network
low complexity
elding-project CWE-22
5.3
2018-06-07 CVE-2017-16221 Path Traversal vulnerability in YZT Project YZT 1.4.0
yzt is a simple file server.
network
low complexity
yzt-project CWE-22
7.5