Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Snyk
Snykadded 2025/03/10 9:31 p.m.1 views

Cross-site Scripting (XSS)

Overview concrete5/concrete5 is a concrete5 open source CMS. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to insufficient input sanitization in the "Add Folder" functionality. An attacker with admin privileges can exploit this by injecting malicious scripts int...

4.8CVSS5.3AI score0.00212EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packagesadded 2023/05/18 3:5 p.m.2 views

Malicious code in docs-component-folder-selector (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 029903e7351485fc54de0e50d6f2f3c9c822895bd8d97930476b5a69f23dd6f9 The OpenSSF Package Analysis project identified 'docs-component-folder-selector' @ 1.0.6 npm as malicious. It is considered malicious because: -...

6.9AI score
Exploits0
myhack58
myhack58added 2017/04/17 12:0 a.m.47 views

For cross-browser local file disclosure vulnerability analysis-vulnerability warning-the black bar safety net

Foreword You know? You can easily turn ordinary file selector into a folder picker, to do this, simply drag the attribute“webkitdirectory”added to the type ='file'in the given input element on the line. Of course, with the folder selector is different, eventually you will load a given folder all...

6.9AI score0.0013EPSS
Exploits1
Rows per page
Query Builder