Lucene search
K

10 matches found

GithubExploit
GithubExploit
added 2025/07/24 7:31 p.m.292 views

Exploit for CVE-2025-31486

Vite Path Traversal Lab CVE-2025-31486 !Open in GitHub Co...

5.3CVSS7.3AI score0.35194EPSS
Exploits7
GithubExploit
GithubExploit
added 2025/07/13 4:42 p.m.235 views

Exploit for CVE-2025-31125

Vite Exploit CVE-2025-31125 Description: Exploits path tr...

5.3CVSS7.3AI score0.621EPSS
Exploits9
NVD
NVD
added 2025/05/01 6:15 p.m.27 views

CVE-2025-46565

Vite is a frontend tooling framework for javascript. Prior to versions 6.3.4, 6.2.7, 6.1.6, 5.4.19, and 4.5.14, the contents of files in the project root that are denied by a file matching pattern can be returned to the browser. Only apps explicitly exposing the Vite dev server to the network usi...

6CVSS0.01077EPSS
Exploits1References2
GithubExploit
GithubExploit
added 2025/03/31 1:43 p.m.383 views

Exploit for CVE-2025-30208

ViteVulScan Vulnerabilities Overview This project involves...

5.3CVSS6.6AI score0.76736EPSS
Exploits35
GithubExploit
GithubExploit
added 2025/03/31 1:43 p.m.291 views

Exploit for CVE-2025-30208

ViteVulScan Vulnerabilities Overview This project involves...

5.3CVSS6.6AI score0.76736EPSS
Exploits35
GithubExploit
GithubExploit
added 2025/03/31 1:43 p.m.231 views

Exploit for CVE-2025-30208

ViteVulScan Vulnerabilities Overview This project involves...

5.3CVSS6.6AI score0.76736EPSS
Exploits35
Cvelist
Cvelist
added 2024/11/25 7:15 p.m.34 views

CVE-2024-53261 Cross-Site Scripting attack (XSS) on dev mode 404 page in SvelteKit

SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. "Unsanitized input from the request URL flows into end, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack XSS." The files...

2CVSS0.00321EPSS
Exploits0References2
OSV
OSV
added 2024/11/25 3:33 p.m.13 views

GHSA-RJJV-87MX-6X3H @sveltejs/kit vulnerable to XSS on dev mode 404 page

Summary "Unsanitized input from the request URL flows into end, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack XSS." Details Source of potentially tainted data is in packages/kit/src/exports/vite/dev/index.js, line 437. This...

5.1AI score0.00321EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2024/04/22 12:0 a.m.5 views

The vulnerability of the Vite application development local server, related to access control deficiencies, allows a hacker to execute arbitrary code.

The vulnerability of the Vite application development local server is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

5.9CVSS6AI score0.00711EPSS
Exploits0References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/14 12:0 a.m.5 views

The vulnerability of the server.transformIndexHtml() function on the local development server of the Vite application allows attackers to perform cross-site scripting attacks.

The vulnerability of the server.transformIndexHtml function on the local development server of the Vite application is related to the lack of measures taken to neutralize HTML tags. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...

6.4CVSS6.5AI score0.00997EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder