Skip to main content

Simplehttpserver

3 CVEs product

Monthly

CVE-2018-16478 npm MEDIUM This Month

A Path Traversal in simplehttpserver versions <=0.2.1 allows to list any file in another folder of web root. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Simplehttpserver
NVD
CVSS 3.0
5.3
EPSS
1.3%
CVE-2018-3787 npm HIGH POC PATCH This Week

Path traversal in simplehttpserver <v0.2.1 allows listing any file on the server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Simplehttpserver
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2018-3716 npm MEDIUM POC PATCH This Month

simplehttpserver node module suffers from a Cross-Site Scripting vulnerability to a lack of validation of file names. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Simplehttpserver
NVD
CVSS 3.1
5.4
EPSS
0.6%
EPSS 1% CVSS 5.3
MEDIUM This Month

A Path Traversal in simplehttpserver versions <=0.2.1 allows to list any file in another folder of web root. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Simplehttpserver
NVD
EPSS 2% CVSS 7.5
HIGH POC PATCH This Week

Path traversal in simplehttpserver <v0.2.1 allows listing any file on the server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Simplehttpserver
NVD
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

simplehttpserver node module suffers from a Cross-Site Scripting vulnerability to a lack of validation of file names. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Simplehttpserver
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy