Sergey Lyubka » Mongoose : Security Vulnerabilities, CVEs,
Mongoose 2.8.0 and earlier allows remote attackers to obtain the source code for a web page by appending ::$DATA to the URI.
Max CVSS
5.0
EPSS Score
0.17%
Published
2009-12-31
Updated
2010-01-04
Directory traversal vulnerability in Mongoose 2.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.
Max CVSS
4.0
EPSS Score
2.05%
Published
2009-04-21
Updated
2018-10-10
2 vulnerabilities found