CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Http-File-Server Project: >> Http-File-Server >> 0.2.0 Security Vulnerabilities

CVE-2019-5458

Cross-site scripting (XSS) vulnerability in http-file-server (all versions) allows an attacker with access to the server file system to execute arbitrary JavaScript code in victim's browser.

CVSS Score

5.4

EPSS Score

0.001

Published

2019-07-30

CVE-2019-5447

A path traversal vulnerability in <= v0.2.6 of http-file-server npm module allows attackers to list files in arbitrary folders.

CVSS Score

5.3

EPSS Score

0.002

Published

2019-07-15

Page 1

Vulnerabilities

Vulnerable Software

Http-File-Server Project: >> Http-File-Server >> 0.2.0 Security Vulnerabilities

Products

Pricing

Contact Us