omphalos/crud-file-server

Releases2

Frequency4 months 2 weeks

Last Release over 11 years ago

Stars19

basic file server supporting create, read, update, & delete

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2018-3726 ↗	Jun 7, 2018Thursday, 7 June 2018, 02:29	6.1 MEDIUM	4.3 MEDIUM
crud-file-server node module before 0.8.0 suffers from a Cross-Site Scripting vulnerability to a lack of validation of file names.
CVE-2018-3733 ↗	May 29, 2018Tuesday, 29 May 2018, 20:29	7.5 HIGH	5 MEDIUM
crud-file-server node module before 0.9.0 suffers from a Path Traversal vulnerability due to incorrect validation of url, which allows a malicious user to read content of any file with known path.