CVE-2023-46493 | EverShop NPM up to 1.0.0-rc.7 Request fileBrowser/browser.js readDirSync path traversal

Inserito da Angelo Barbosa | Dic 8, 2023 | CVE

A vulnerability classified as critical was found in EverShop NPM up to 1.0.0-rc.7. This vulnerability affects the function readDirSync of the file fileBrowser/browser.js of the component Request Handler. The manipulation leads to path traversal.

This vulnerability was named CVE-2023-46493. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-46493 | EverShop NPM up to 1.0.0-rc.7 Request fileBrowser/browser.js readDirSync path traversal

Post correlati

CVE-2024-4168 | Tenda 4G300 1.01.42 sub_4260F0 upfilen stack-based overflow

CVE-2024-41037 | Linux Kernel up to 6.6.40/6.9.9 ASoC hw_params_upon_resume null pointer dereference (8246bbf818ed/993af0f2d9f2/9065693dcc13)

CVE-2024-40521 | SeaCMS 12.9 admin_template.php Remote Code Execution

CVE-2024-1096 | Filseclab Twister Antivirus 8.17 IOCTL fildds.sys input validation