No products in the cart.
LOGIN / SIGN UP

Home
Blog
[CVE-2020-24807] File Type Restriction Bypass in Socket.io-file NPM module

[CVE-2020-24807] File Type Restriction Bypass in Socket.io-file NPM module

(452 views)

[CVE-2020-24807] File Type Restriction Bypass in Socket.io-file NPM module by Thomas Sermpinis Title: File Type Restriction Bypass in Socket.io-file NPM module Date: 31/07/2020 CVE-ID: 2020-24807 Advisory: https://github.com/advisories/GHSA-6495-8jvh-f28x Author: Thomas Sermpinis Versions: <= 2.0.31 Package URL: https://www.npmjs.com/package/socket.io-file Tested on: node v10.19.0, Socket.io-file v2.0.31, socket.io v2.3.0 Proof of Concept: – During some of our pentests, we face....

Read the rest of this story with a free account.

Sign up with Google Sign up with Facebook Sign up with email

Already have an account? Sign in

October 7, 2020

Author

Bartek Adach

Latest Articles

BlogDecember 28, 2022Cybersecurity in Education: What Parents, Teachers, and Students Should Know in 2023
BlogDecember 15, 2022Remembering Leonard Jacobs
BlogSeptember 30, 2022VPN Security: A Pentester's Guide to VPN Vulnerabilities
BlogAugust 9, 2022AppSec Tales II | Sign-in

Subscribe

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments

Inline Feedbacks

View all comments

https://pentestmag.com/wp-content/uploads/2023/06/PenTeswhitet.svg

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023