CRITICAL🇵🇱 Wersja polska

CVE-2018-3744

CVSS 9.8v3.1pub. 2018-05-29upd. 2024-11-21

The html-pages node module contains a path traversal vulnerabilities that allows an attacker to read any file from the server with cURL.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Html Pages Project Html Pages

    APP
    Html-Pages Project
    2.0.7
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Path Traversal
CWE
References

Related vulnerabilities

CVE-2018-16481MEDIUM6.1ten sam produkt

A XSS vulnerability was found in html-page <=2.1.1 that allows malicious Javascript code to be executed in the...