Headline
CVE-2023-46497: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in @evershop/evershop - Cx16846793-56b6 - DevHub
Directory Traversal vulnerability in EverShop NPM versions before v.1.0.0-rc.8 allows a remote attacker to obtain sensitive information via a crafted request to the mkdirSync function in the folderCreate/createFolder.js endpoint.
Stay up to date with our newsletter!
Your Email…
Related news
GHSA-7443-5962-wp4r: Directory Traversal in evershop
Directory Traversal vulnerability in EverShop NPM versions before v.1.0.0-rc.8 allows a remote attacker to obtain sensitive information via a crafted request to the mkdirSync function in the folderCreate/createFolder.js endpoint.