Filtered by vendor Statics-server Project Subscriptions
Filtered by product Statics-server Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-15596 1 Statics-server Project 1 Statics-server 2024-11-21 7.5 High
A path traversal in statics-server exists in all version that allows an attacker to perform a path traversal when a symlink is used within the working directory.
CVE-2018-3771 1 Statics-server Project 1 Statics-server 2024-11-21 6.1 Medium
An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser.