Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
project server vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-3771
An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser.
Statics-server Project Statics-server
6.1
CVSSv3
CVE-2022-29589
Crypt Server prior to 3.3.0 allows XSS in the index view. This is related to serial, computername, and username.
Crypt-server Project Crypt-server
5.4
CVSSv3
CVE-2018-16484
A XSS vulnerability was found in module m-server <1.4.2 that allows malicious Javascript code or HTML to be executed, due to the lack of escaping for special characters in folder names.
M-server Project M-server
6.5
CVSSv3
CVE-2018-16485
Path Traversal vulnerability in module m-server <1.4.1 allows malicious user to access unauthorized content of any file in the directory tree e.g. /etc/passwd by appending slashes to the URL request.
M-server Project M-server
9.8
CVSSv3
CVE-2015-10086
A vulnerability, which was classified as critical, was found in OpenCycleCompass server-php. Affected is an unknown function of the file api1/login.php. The manipulation of the argument user leads to sql injection. It is possible to launch the attack remotely. This product is usi...
Server-php Project Server-php
7.5
CVSSv3
CVE-2014-10066
Versions less than 0.1.4 of the static file server module fancy-server are vulnerable to directory traversal. An attacker can provide input such as `../` to read files outside of the served directory.
Fancy-server Project Fancy-server
7.5
CVSSv3
CVE-2019-15596
A path traversal in statics-server exists in all version that allows an malicious user to perform a path traversal when a symlink is used within the working directory.
Statics-server Project Statics-server
7.5
CVSSv3
CVE-2017-16090
fsk-server is a simple http server. fsk-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Fsk-server Project Fsk-server
7.5
CVSSv3
CVE-2018-25087
A vulnerability classified as problematic was found in Arborator Server. This vulnerability affects the function start of the file project.cgi. The manipulation of the argument project leads to denial of service. Continious delivery with rolling releases is used by this product. ...
Arborator Server Project Arborator Server
7.2
CVSSv3
CVE-2020-26938
In oauth2-server (aka node-oauth2-server) up to and including 3.1.1, the value of the redirect_uri parameter received during the authorization and token request is checked against an incorrect URI pattern ("[a-zA-Z][a-zA-Z0-9+.-]+:") before making a redirection. This al...
Oauth2-server Project Oauth2-server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »