Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
project server vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-25931
All versions of package easy-static-server are vulnerable to Directory Traversal due to missing input sanitization and sandboxes being employed to the req.url user input that is passed to the server code.
Easy-static-server Project Easy-static-server
9.8
CVSSv3
CVE-2021-40818
scheme/webauthn.c in Glewlwyd SSO server up to and including 2.5.3 has a buffer overflow during FIDO2 signature validation in webauthn registration.
Glewlwyd Sso Server Project Glewlwyd Sso Server
9.8
CVSSv3
CVE-2019-12567
Stack-based overflow vulnerability in the logMess function in Open TFTP Server MT 1.65 and previous versions allows remote malicious users to perform a denial of service or execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2018-10387 and CVE-...
Open Tftp Server Project Open Tftp Server
7.5
CVSSv3
CVE-2023-26104
All versions of the package lite-web-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to parse.
Lite-web-server Project Lite-web-server -
6.5
CVSSv3
CVE-2018-3713
angular-http-server node module suffers from a Path Traversal vulnerability due to lack of validation of possibleFilename, which allows a malicious user to read content of any file with known path.
Angular-http-server Project Angular-http-server
6.1
CVSSv3
CVE-2018-3726
crud-file-server node module prior to 0.8.0 suffers from a Cross-Site Scripting vulnerability to a lack of validation of file names.
Crud-file-server Project Crud-file-server
7.5
CVSSv3
CVE-2017-16210
jn_jj_server is a static file server. jn_jj_server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Jn Jj Server Project Jn Jj Server
8.8
CVSSv3
CVE-2016-10914
The add-from-server plugin prior to 3.3.2 for WordPress has CSRF for importing a large file.
Add From Server Project Add From Server
7.5
CVSSv3
CVE-2020-7683
This affects all versions of package rollup-plugin-server. There is no path sanitization in readFile operation performed inside the readFileFromContentBase function.
Rollup-plugin-server Project Rollup-plugin-server
9.8
CVSSv3
CVE-2021-23797
All versions of package http-server-node are vulnerable to Directory Traversal via use of --path-as-is.
Http-server-node Project Http-server-node
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »