Vulnerability Details CVE-2017-16037
`gomeplus-h5-proxy` is vulnerable to a directory traversal issue, allowing attackers to access any file in the system by placing '../' in the URL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.3%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2017-16037
-
cpe:2.3:a:gomeplus-h5-proxy_project:gomeplus-h5-proxy:1.0.10
-
cpe:2.3:a:gomeplus-h5-proxy_project:gomeplus-h5-proxy:1.0.11
-
cpe:2.3:a:gomeplus-h5-proxy_project:gomeplus-h5-proxy:1.0.12
-
cpe:2.3:a:gomeplus-h5-proxy_project:gomeplus-h5-proxy:1.0.13
-
cpe:2.3:a:gomeplus-h5-proxy_project:gomeplus-h5-proxy:1.0.14
-
cpe:2.3:a:gomeplus-h5-proxy_project:gomeplus-h5-proxy:1.0.15
-
cpe:2.3:a:gomeplus-h5-proxy_project:gomeplus-h5-proxy:1.0.9