For providers

Plate is a javascript toolkit that makes it easier for you to develop with Slate, a popular framework for building text editors. One longstanding feature of Plate is the ability to add custom DOM...

Navidrome is an open source web-based music collection server and streamer. Navidrome automatically adds parameters in the URL to SQL queries. This can be exploited to access information by adding...

Confidant is a open source secret management service that provides user-friendly storage and access to secrets. The following endpoints are subject to a cross site scripting vulnerability: GET...

GDidees CMS

SEMCMS 4.8 is vulnerable to SQL Injection via SEMCMS_Main.php.

SeaCMS 13.2 has a remote code execution vulnerability located in the file sql.class.chp. Although the system has a check function, the check function is not executed during execution, allowing...

eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via edit_file.

eNMS 4.0.0 is vulnerable to Directory Traversal via get_tree_files.

eNMS up to 4.7.1 is vulnerable to Directory Traversal via /download/file.

eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via upload_files.