1 results (0.000 seconds)
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1
CVE-2024-6746 – NaiboWang EasySpider HTTP GET Request server.js path traversal
https://notcve.org/view.php?id=CVE-2024-6746
A vulnerability classified as problematic was found in NaiboWang EasySpider 0.6.2 on Windows. Affected by this vulnerability is an unknown functionality of the file \EasySpider\resources\app\server.js of the component HTTP GET Request Handler. The manipulation with the input /../../../../../../../../../Windows/win.ini leads to path traversal: '../filedir'. • https://github.com/NaiboWang/EasySpider/issues/466 https://vuldb.com/?ctiid.271477 https://vuldb.com/?id.271477 https://vuldb.com/?submit.371998 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-24: Path Traversal: '../filedir' •