By Risk Score
By Publish Date
By Recent Activity
slashes vulnerabilities and exploits
(subscribe to this query)
Cross-site scripting (XSS) vulnerability in Offiria 2.1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to installer/index.php....
Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows remote attackers to conduct absolute path traversal attacks and write to arbitrary files via multiple leading slashes in a path in an ARJ archive....
1 Github repository available
Path traversal vulnerability in http-live-simulator <1.0.7 causes unauthorized access to arbitrary files on disk by appending extra slashes after the URL....
MDG Computer Services Web Server 4D/eCommerce 3.5.3 allows remote attackers to exploit directory traversal vulnerability via a ../ (dot dot) containing URL-encoded slashes in the HTTP request....
Mdg Computer Services
Web Server 4d Ecommerce
A flaw was found in mod_auth_openidc before version 22.214.171.124. An open redirect issue exists in URLs with trailing slashes similar to CVE-2019-3877 in mod_auth_mellon....
Mod Auth Openidc Project
Mod Auth Openidc
A server directory traversal vulnerability was found on node module mcstatic <=0.0.20 that would allow an attack to access sensitive information in the file system by appending slashes in the URL path....
Path Traversal vulnerability in module m-server <1.4.1 allows malicious user to access unauthorized content of any file in the directory tree e.g. /etc/passwd by appending slashes to the URL request....
A path traversal vulnerability was found in module static-resource-server 1.7.2 that allows unauthorized read access to any file on the server by appending slashes in the URL....
FlexWATCH Network video server 132 allows remote attackers to bypass authentication and gain administrative privileges via an HTTP request to aindex.htm that contains double leading slashes (//)....
Flexwatch Network Video Server
1 EDB exploit available
Directory traversal vulnerability in node/utils/Minify.js in Etherpad 1.1.1 through 1.5.2 allows remote attackers to read arbitrary files by leveraging replacement of backslashes with slashes in the path parameter of HTTP API requests....
mods for hesk