Description
wintiwebdev is a static file server. wintiwebdev is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Remediation
References
https://nodesecurity.io/advisories/458
https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/wintiwebdev
Related Vulnerabilities
CVE-2019-10283 Vulnerability in maven package com.mabl.integration.jenkins:mabl-integration
CVE-2018-16487 Vulnerability in npm package lodash.defaultsdeep
CVE-2020-28052 Vulnerability in maven package org.bouncycastle:bcprov-jdk15on
CVE-2020-7708 Vulnerability in npm package @irrelon/path
CVE-2016-1000232 Vulnerability in maven package org.webjars.npm:tough-cookie