CVE-2014-10066
N/A
N/A
Summary
Versions less than 0.1.4 of the static file server module fancy-server are vulnerable to directory traversal. An attacker can provide input such as ../ to read files outside of the served directory.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| HackerOne | fancy-server node module | <0.1.4 | affected |
Weaknesses
- CWE-22: Path Traversal (CWE-22)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.