Skip to main content

Crud File Server

2 CVEs product

Monthly

CVE-2018-3726 npm MEDIUM POC PATCH This Month

crud-file-server node module before 0.8.0 suffers from a Cross-Site Scripting vulnerability to a lack of validation of file names. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Crud File Server
NVD GitHub
CVSS 3.1
6.1
EPSS
1.0%
CVE-2018-3733 npm HIGH POC PATCH This Week

crud-file-server node module before 0.9.0 suffers from a Path Traversal vulnerability due to incorrect validation of url, which allows a malicious user to read content of any file with known path. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Crud File Server
NVD GitHub
CVSS 3.1
7.5
EPSS
2.2%
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

crud-file-server node module before 0.8.0 suffers from a Cross-Site Scripting vulnerability to a lack of validation of file names. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Crud File Server
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC PATCH This Week

crud-file-server node module before 0.9.0 suffers from a Path Traversal vulnerability due to incorrect validation of url, which allows a malicious user to read content of any file with known path. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Crud File Server
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy