9 results (0.002 seconds)

CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1

The Android application HTTP File Server (Version 1.4.1) by 'slowscript' is affected by a path traversal vulnerability that permits arbitrary directory listing, file read, and file write. La aplicación Android HTTP File Server (Versión 1.4.1) de "slowscript" está afectada por una vulnerabilidad de salto de ruta que permite el listado arbitrario de directorios, la lectura y escritura de archivos • https://eddiez.me/path-traversal-in-slowscript-httpfileserver https://play.google.com/store/apps/details?id=slowscript.httpfileserver • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

All versions of package http-server-node are vulnerable to Directory Traversal via use of --path-as-is. Todas las versiones del paquete http-server-node son vulnerables a un Salto de Directorio por medio de --path-as-is • https://snyk.io/vuln/SNYK-JS-HTTPSERVERNODE-1727656 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.5EPSS: 13%CPEs: 1EXPL: 2

MiniWeb HTTP server 0.8.19 allows remote attackers to cause a denial of service (daemon crash) via a long name for the first parameter in a POST request. El servidor HTTP MiniWeb versión 0.8.19, permite a atacantes remotos causar una denegación de servicio (bloqueo del demonio) mediante un nombre largo para el primer parámetro en una petición POST • https://packetstormsecurity.com/files/160470/MiniWeb-HTTP-Server-0.8.19-Buffer-Overflow.html https://securityforeveryone.com/blog/miniweb-http-server-vulnerability-0-day-cve-2020-29596 https://sourceforge.net/projects/miniweb/files/miniweb/0.8 https://www.exploit-db.com/exploits/49247 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 9.8EPSS: 10%CPEs: 1EXPL: 2

Static HTTP Server 1.0 has a Local Overflow Static HTTP Server versión 1.0, tiene un Desbordamiento Local. • https://www.exploit-db.com/exploits/26520 http://www.exploit-db.com/exploits/26520 https://exchange.xforce.ibmcloud.com/vulnerabilities/85417 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

A Path traversal exists in http_server which allows an attacker to read arbitrary system files. Se presenta un Salto de Ruta en http_server que permite a un atacante leer archivos arbitrarios del sistema. • https://hackerone.com/reports/692262 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •