stattic node module suffers from a Path Traversal vulnerability due to lack of validation of path, which allows a malicious user to read content of any file with known path.
Unrestricted file upload (RCE) in express-cart module before 1.1.7 allows a privileged user to gain access in the hosting machine.
resolve-path node module before 1.4.0 suffers from a Path Traversal vulnerability due to lack of validation of paths with certain special characters, which allows a malicious user to read content of any file with known path.
crud-file-server node module before 0.9.0 suffers from a Path Traversal vulnerability due to incorrect validation of url, which allows a malicious user to read content of any file with known path.
public node module suffers from a Path Traversal vulnerability due to lack of validation of filePath, which allows a malicious user to read content of any file with known path.
626 node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path.
Path traversal in simplehttpserver <v0.2.1 allows listing any file on the server.
A path traversal exists in markdown-pdf version <9.0.0 that allows a user to insert a malicious html code that can result in reading the local files.
localhost-now node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path.
A server directory traversal vulnerability was found on node module mcstatic <=0.0.20 that would allow an attack to access sensitive information in the file system by appending slashes in the URL path.
Path traversal vulnerability in http-live-simulator <1.0.7 causes unauthorized access to arbitrary files on disk by appending extra slashes after the URL.
A path traversal vulnerability was found in module static-resource-server 1.7.2 that allows unauthorized read access to any file on the server by appending slashes in the URL.
serverlyr is a simple http server. serverlyr is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
hcbserver is a static file server. hcbserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
scott-blanch-weather-app is a sample Node.js app using Express 4. scott-blanch-weather-app is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
welcomyzt is a simple file server. welcomyzt is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
goserv is an http server. goserv is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
tmock is a static file server. tmock is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
exxxxxxxxxxx is an Http eX Frame Google Style JavaScript Guide. exxxxxxxxxxx is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Accessible files are restricted to those with a file extension. Files with no extension such as /etc/passwd throw an error.
fsk-server is a simple http server. fsk-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
xtalk helps your browser talk to nodex, a simple web framework. xtalk is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
ltt is a static file server. ltt is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
serverabc is a static file server. serverabc is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
weather.swlyons is a simple web server for weather updates. weather.swlyons is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
dcserver is a static file server. dcserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
lab6drewfusbyu is an http server. lab6drewfusbyu is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
serverzyy is a static file server. serverzyy is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
cyber-js is a simple http server. A cyberjs server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
unicorn-list is a web framework. unicorn-list is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
infraserver is a RESTful server. infraserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
open-device creates a web interface for any device. open-device is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
gaoxuyan is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
earlybird is a web server module for early development. earlybird is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
iter-http is a server for static files. iter-http is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
wind-mvc is an mvc framework. wind-mvc is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
wffserve is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
citypredict.whauwiller is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
serverwg is a simple http server. serverwg is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
sly07 is an API for censoring text. sly07 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
mockserve is a file server. mockserve is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
getcityapi.yoehoehne is a web server. getcityapi.yoehoehne is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
chatbyvista is a file server. chatbyvista is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
tinyserver2 is a webserver for static files. tinyserver2 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
11xiaoli is a simple file server. 11xiaoli is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
cypserver is a static file server. cypserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
mfrserver is a simple file server. mfrserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
gaoxiaotingtingting is an HTTP server. gaoxiaotingtingting is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
dgard8.lab6 is a static file server. dgard8.lab6 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
liyujing is a static file server. liyujing is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
uekw1511server is a static file server. uekw1511server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.