CVE-2017-16160

11xiaoli is a simple file server. 11xiaoli is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.

Published : 2018-06-07 02:29 Updated : 2019-10-09 23:24

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
11xiaoli Project 11xiaoli 1.1.0 cpe:/a:11xiaoli_project:11xiaoli:1.1.0::~~~node.js~~
  1. 11xiaoli Project (1) Search CVE
    1. 11xiaoli (1) Search CVE
      1. 1.1.0

CWE

ID Name Description Links
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. CVE

History of changes

Date Event
2018-07-13 13:21
2018-06-07 02:29

New CVE