Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
npm @saltcorn/server Security Advisories
Browse all Security Advisories for npm @saltcorn/server
Loading...
Moderate
Ecosystems: npm
Packages: @saltcorn/server
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: 11 days ago
GSA_kwCzR0hTQS1wZjU2LWg5cWYtcnhxNM4ABAA4
Saltcorn Server Stored Cross-Site Scripting (XSS) in event logs pageEcosystems: npm
Packages: @saltcorn/server
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: 11 days ago
High
Ecosystems: npm
Packages: @saltcorn/server
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: 11 days ago
GSA_kwCzR0hTQS00M2YzLWg2M3ctcDZmNs4ABAA3
Saltcorn Server allows logged-in users to delete arbitrary files because of a path traversal vulnerabilityEcosystems: npm
Packages: @saltcorn/server
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: 11 days ago
High
Ecosystems: npm
Packages: @saltcorn/server
Source: GitHub Advisory Database
Blast Radius: 8.0
Published: 14 days ago
GSA_kwCzR0hTQS03OHAzLWZ3Y3EtNjJjMs4AA_8Q
@saltcorn/server Remote Code Execution (RCE) / SQL injection via prototype pollution by manipulating `lang` and `defstring` parameters when setting localizer stringsEcosystems: npm
Packages: @saltcorn/server
Source: GitHub Advisory Database
Blast Radius: 8.0
Published: 14 days ago
Moderate
Ecosystems: npm
Packages: @saltcorn/server
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: 14 days ago
GSA_kwCzR0hTQS1jZnF4LWY0M20tdmZoN84AA_8P
@saltcorn/server arbitrary file and directory listing when accessing build mobile app resultsEcosystems: npm
Packages: @saltcorn/server
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: 14 days ago
Moderate
Ecosystems: npm
Packages: @saltcorn/server
Source: GitHub Advisory Database
Blast Radius: 4.9
Published: 14 days ago
GSA_kwCzR0hTQS0yNzdoLXB4NG0tNjJxOM4AA_8O
@saltcorn/server arbitrary file zip read and download when downloading auto backupsEcosystems: npm
Packages: @saltcorn/server
Source: GitHub Advisory Database
Blast Radius: 4.9
Published: 14 days ago
Statistics
Advisories: 20,344
Packages: 8,928
Repositories: 1
Ecosystems: 12
Packages: 8,928
Repositories: 1
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
parse-server
31
electron
26
directus
26
@openzeppelin/contracts-upgradeable
21
@openzeppelin/contracts
20
next
18
sequelize
16
tinymce
16
ghost
15
ckeditor4
15
swagger-ui
14
joplin
13
strapi
13
undici
13
angular
13
vm2
12
tinymce/tinymce
11
TinyMCE
11
nodebb
11
handlebars
11
marked
11
bootstrap
10
flowise
10
nocodb
10
matrix-js-sdk
10
@evershop/evershop
9
serve
9
@strapi/strapi
9
bootstrap
9
bootstrap
9
next-auth
9
org.webjars:bootstrap
9
twbs/bootstrap
9
matrix-react-sdk
9
tar
8
url-parse
8
steal
8
matrix-appservice-irc
8
jquery
8
org.webjars.npm:jquery
8
jquery-rails
8
validator
8
editor.md
8
jsrsasign
8
urijs
8
node-forge
8
npm
8
systeminformation
8
express-cart
8
sanitize-html
7
snyk-broker
7
jquery-ui-rails
7
elliptic
7
lodash
7
org.webjars.npm:jquery-ui
7
uptime-kuma
7
jQuery.UI.Combined
7
bootstrap-sass
7
lunary
7
hapi
7
vite
7
hermes-engine
7
jquery-ui
7
total.js
7
jQuery
7
bootstrap.sass
7
shescape
7
aaptjs
6
parse-url
6
bootstrap-sass
6
dompurify
6
rsshub
6
safe-eval
6
@strapi/plugin-users-permissions
6
rendertron
5
lodash-es
5
dojo
5
ws
5
public
5
xlsx
5
ejs
5
axios
5
openpgp
5
prismjs
5
ua-parser-js
5
mysql2
5
@saltcorn/server
5
mongoose
5
keystone
5
total4
5
mattermost-desktop
5
sweetalert2
5
yarn
5
vditor
5
vega
4
hono
4
auth0-lock
4
katex
4
ecstatic
4
simple-markdown
4
@backstage/plugin-scaffolder-backend
4
apostrophe
4
mermaid
4
follow-redirects
4
meshcentral
4
fast-xml-parser
4
valine
4
auth0-js
4
moment
4
safer-eval
4
convert-svg-core
4
@keystone-6/core
4
express
4
muhammara
4
hummus
4
jsonwebtoken
4
remarkable
4
glance
4
awsiotsdk
4
aws-iot-device-sdk-v2
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
qs
4
engine.io
4
materialize-css
4
@lobehub/chat
4
simple-git
4
mongo-express
4
generator-jhipster
4
apollo-server-core
4
fastify
4
realms-shim
4
jspdf
3
ses
3
convict
3
node-jose
3
notevil
3
snyk
3
@soketi/soketi
3
@janhq/core
3
jointjs
3
@jmondi/url-to-png
3
layui
3
@backstage/techdocs-common
3
openmct
3
raneto
3
socket.io-parser
3
docsify
3
localhost-now
3
mixme
3
fuxa-server
3
connect
3
serialize-to-js
3
parsel
3
nadesiko3
3
@ckeditor/ckeditor5-markdown-gfm
3
typeorm
3
@sequelize/core
3
mysql
3
blamer
3
sails
3
@uppy/companion
3
bson
3
jose
3
braces
3
socket.io-file
3
locutus
3
django-tinymce
3
highcharts
3
xmldom
3
mxgraph
3
immer
3
renovate
3
json-pointer
3
wrangler
3
@strapi/plugin-content-manager
3
@sveltejs/kit
3
grunt
3
froala-editor
3
ftp-srv
3
@apollo/server
3
stimulsoft-dashboards-js
3
@hapi/subtext
3
subtext
3
send
3
@frangoteam/fuxa
3
yapi-vendor
3
bin-links
3
@commercial/subtext
3
postcss
3
dojox
3
org.webjars.npm:xlsx
3
xdLocalStorage
3
node-opcua
3
codecov
3
dset
3
json-ptr
3
nodemailer
3
@materializecss/materialize
3
node-fetch
3
n8n
3
Filter by Repository