bl4de

28 exploits Active since May 2018
CVE-2019-5422 GITHUB MEDIUM NO CODE
buttle 0.2.0 - Stored Cross-Site Scripting via Arbitrary File Creation
XSS in buttle npm package version 0.2.0 causes execution of attacker-provided code in the victim's browser when an attacker creates an arbitrary file on the server.
CVSS 6.1
CVE-2020-8214 GITHUB HIGH NO CODE
servey < 3 - Path Traversal
A path traversal vulnerability in servey version < 3 allows an attacker to read content of any arbitrary file.
CVSS 7.5
CVE-2021-40100 GITHUB MEDIUM NO CODE
Concrete CMS < 8.5.5 - Stored Cross-Site Scripting in Conversations Rich Text Editor
An issue was discovered in Concrete CMS through 8.5.5. Stored XSS can occur in Conversations when the Active Conversation Editor is set to Rich Text.
CVSS 5.4