Liang Gong

34 exploits Active since May 2018
CVE-2017-16036 WRITEUP HIGH WORKING POC
Badjs-sourcemap-server - Path Traversal
`badjs-sourcemap-server` receives files sent by `badjs-sourcemap`. `badjs-sourcemap-server` is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
CVSS 7.5
CVE-2017-16037 WRITEUP HIGH WORKING POC
Gomeplus-h5-proxy - Path Traversal
`gomeplus-h5-proxy` is vulnerable to a directory traversal issue, allowing attackers to access any file in the system by placing '../' in the URL.
CVSS 7.5
CVE-2017-16039 WRITEUP HIGH WORKING POC
Hftp - Path Traversal
`hftp` is a static http or ftp server `hftp` is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
CVSS 7.5
CVE-2017-16083 WRITEUP HIGH WORKING POC
Node-simple-router < 0.10.0 - Path Traversal
node-simple-router is a minimalistic router for Node. node-simple-router is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
CVSS 7.5
CVE-2017-16084 WRITEUP HIGH WORKING POC
List-n-stream < 0.0.10 - Path Traversal
list-n-stream is a server for static files to list and stream local videos. list-n-stream v0.0.10 or lower is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
CVSS 7.5
CVE-2017-16085 WRITEUP HIGH WORKING POC
Tinyserver2 < 0.6.0 - Path Traversal
tinyserver2 is a webserver for static files. tinyserver2 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
CVSS 7.5
CVE-2017-16089 WRITEUP HIGH WORKING POC
Serverlyr - Path Traversal
serverlyr is a simple http server. serverlyr is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
CVSS 7.5
CVE-2017-16090 WRITEUP HIGH WORKING POC
Fsk-server - Path Traversal
fsk-server is a simple http server. fsk-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
CVSS 7.5
CVE-2017-16092 WRITEUP HIGH WORKING POC
Sencisho - Path Traversal
Sencisho is a simple http server for local development. Sencisho is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
CVSS 7.5
CVE-2017-16093 WRITEUP HIGH WORKING POC
Cyber-js - Path Traversal
cyber-js is a simple http server. A cyberjs server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
CVSS 7.5
CVE-2017-16095 WRITEUP HIGH WORKING POC
Serverliujiayi1 - Path Traversal
serverliujiayi1 is a simple http server. serverliujiayi1 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
CVSS 7.5
CVE-2017-16096 WRITEUP HIGH WORKING POC
Serveryaozeyan - Path Traversal
serveryaozeyan is a simple HTTP server. serveryaozeyan is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
CVSS 7.5
CVE-2017-16101 WRITEUP HIGH WORKING POC
Serverwg - Path Traversal
serverwg is a simple http server. serverwg is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
CVSS 7.5
CVE-2017-16102 WRITEUP HIGH WORKING POC
Serverhuwenhui - Path Traversal
serverhuwenhui is a simple http server. serverhuwenhui is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
CVSS 7.5
CVE-2017-16103 WRITEUP HIGH WORKING POC
Serveryztyzt - Path Traversal
serveryztyzt is a simple http server. serveryztyzt is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
CVSS 7.5
CVE-2017-16104 WRITEUP HIGH WORKING POC
Citypredict.whauwiller - Path Traversal
citypredict.whauwiller is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
CVSS 7.5
CVE-2017-16105 WRITEUP HIGH WORKING POC
Serverwzl - Path Traversal
serverwzl is a simple http server. serverwzl is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
CVSS 7.5
CVE-2017-16106 WRITEUP HIGH WORKING POC
Tmock - Path Traversal
tmock is a static file server. tmock is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
CVSS 7.5
CVE-2017-16108 WRITEUP HIGH WORKING POC
Gaoxiaotingtingting - Path Traversal
gaoxiaotingtingting is an HTTP server. gaoxiaotingtingting is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
CVSS 7.5
CVE-2017-16109 WRITEUP MEDIUM WORKING POC
Easyquick < 0.1.1 - Path Traversal
easyquick is a simple web server. easyquick is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Access is constrained, however, to supported file types. Requesting a file such as /etc/passwd returns a "not supported" error.
CVSS 5.3
CVE-2017-16120 WRITEUP HIGH WORKING POC
liyujing - Path Traversal
liyujing is a static file server. liyujing is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
CVSS 7.5
CVE-2017-16121 WRITEUP HIGH WORKING POC
datachannel-client - Path Traversal
datachannel-client is a signaling implementation for DataChannel.js. datachannel-client is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
CVSS 7.5
CVE-2017-16122 WRITEUP HIGH WORKING POC
cuciuci - Path Traversal
cuciuci is a simple fileserver. cuciuci is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
CVSS 7.5
CVE-2017-16124 WRITEUP HIGH WORKING POC
node-server-forfront - Path Traversal
node-server-forfront is a simple static file server. node-server-forfront is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
CVSS 7.5
CVE-2017-16125 WRITEUP HIGH WORKING POC
rtcmulticonnection-client - Path Traversal
rtcmulticonnection-client is a signaling implementation for RTCMultiConnection.js, a multi-session manager. rtcmulticonnection-client is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
CVSS 7.5