Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
static vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-16134
http_static_simple is an http server. http_static_simple is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Http Static Simple Project Http Static Simple 0.1.1
9.8
CVSSv3
CVE-2013-4743
Static HTTP Server 1.0 has a Local Overflow
Static Http Server Project Static Http Server 1.0
1 EDB exploit
7.5
CVSSv3
CVE-2022-25848
This affects all versions of package static-dev-server. This is because when paths from users to the root directory are joined, the assets for the path accessed are relative to that of the root directory.
Static-dev-server Project Static-dev-server 1.0.0
7.5
CVSSv3
CVE-2018-16493
A path traversal vulnerability was found in module static-resource-server 1.7.2 that allows unauthorized read access to any file on the server by appending slashes in the URL.
Static-resource-server Project Static-resource-server 1.7.2
10
CVSSv3
CVE-2018-16462
A command injection vulnerability in the apex-publish-static-files npm module version <2.0.1 which allows arbitrary shell command execution through a maliciously crafted argument.
Apex-publish-static-files Project Apex-publish-static-files
7.5
CVSSv3
CVE-2017-16248
The Catalyst-Plugin-Static-Simple module prior to 0.34 for Perl allows remote malicious users to read arbitrary files if there is a '.' character anywhere in the pathname, which differs from the intended policy of allowing access only when the filename itself has a ...
Catalyst-plugin-static-simple Project Catalyst-plugin-static-simple
6.1
CVSSv3
CVE-2021-22963
A redirect vulnerability in the fastify-static module version < 4.2.4 allows remote malicious users to redirect users to arbitrary websites via a double slash // followed by a domain: http://localhost:3000//google.com/%2e%2e.The issue shows up on all the fastify-static applica...
Fastify Fastify-static
8.8
CVSSv3
CVE-2021-22964
A redirect vulnerability in the `fastify-static` module version >= 4.2.4 and < 4.4.1 allows remote malicious users to redirect Mozilla Firefox users to arbitrary websites via a double slash `//` followed by a domain: `http://localhost:3000//a//youtube.com/%2e%2e%2f%2e%2e`.A...
Fastify Fastify-static
7.5
CVSSv3
CVE-2023-26152
All versions of the package static-server are vulnerable to Directory Traversal due to improper input sanitization passed via the validPath function of server.js.
Nbluis Static-server
NA
CVE-2005-4284
Cross-site scripting (XSS) vulnerability in StaticStore Search Engine 1.189A and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified parameters to search.cgi, possibly the keywords parameter. NOTE: this issue was originally dispu...
Static Store Staticstore
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »