crud-file-server@0.0.4 vulnerabilities
file server supporting basic create, read, update, & delete for any kind of file
-
latest version
0.10.0
-
latest non vulnerable version
-
first published
12 years ago
-
latest version published
6 years ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the crud-file-server package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
Affected versions of the package are vulnerable to Directory Traversal, which may allow access to sensitive files and data on the server. For example, requesting the following url How to fix Directory Traversal? Upgrade |
<0.9.0
|
Affected versions of the package are vulnerable to Directory Traversal, which may allow access to sensitive files and data on the server. For example, requesting the following url How to fix Directory Traversal? Upgrade |
<0.9.0
|
crud-file-server exposes a directory to create, read, update, and delete operations over http. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). It allows to embed HTML in file names, which might lead to execute malicious JavaScript. How to fix Cross-site Scripting (XSS)? Upgrade |
<0.9.0
|
crud-file-server exposes a directory to create, read, update, and delete operations over http. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). It allows to embed HTML in file names, which might lead to execute malicious JavaScript. How to fix Cross-site Scripting (XSS)? Upgrade |
<0.9.0
|