Exploit for CVE-2025-31486

Vite Path Traversal Lab CVE-2025-31486 !Open in GitHub Co...

Exploit for CVE-2025-31125

Vite Exploit CVE-2025-31125 Description: Exploits path tr...

CVE-2025-46565

Vite is a frontend tooling framework for javascript. Prior to versions 6.3.4, 6.2.7, 6.1.6, 5.4.19, and 4.5.14, the contents of files in the project root that are denied by a file matching pattern can be returned to the browser. Only apps explicitly exposing the Vite dev server to the network usi...

Exploit for CVE-2025-30208

ViteVulScan Vulnerabilities Overview This project involves...

Exploit for CVE-2025-30208

ViteVulScan Vulnerabilities Overview This project involves...

Exploit for CVE-2025-30208

ViteVulScan Vulnerabilities Overview This project involves...

CVE-2024-53261 Cross-Site Scripting attack (XSS) on dev mode 404 page in SvelteKit

SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. "Unsanitized input from the request URL flows into end, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack XSS." The files...

GHSA-RJJV-87MX-6X3H @sveltejs/kit vulnerable to XSS on dev mode 404 page

Summary "Unsanitized input from the request URL flows into end, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack XSS." Details Source of potentially tainted data is in packages/kit/src/exports/vite/dev/index.js, line 437. This...