Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • C
Arbitrary Code Injection		craftcms/cms>=3.0.0-RC1, <3.9.15>=4.0.0-RC1, <4.14.15>=5.0.0-RC1, <5.6.17Composer26 May 2025
  • M
Cross-site Scripting (XSS)		yeswiki/yeswiki<4.5.4Composer25 May 2025
  • M
Cross-site Scripting (XSS)		yeswiki/yeswiki<4.5.4Composer25 May 2025
  • M
Cross-site Scripting (XSS)		yeswiki/yeswiki<4.5.4Composer25 May 2025
  • M
Cross-site Scripting (XSS)		yeswiki/yeswiki<4.5.4Composer25 May 2025
  • H
Missing Authorization		yeswiki/yeswiki<4.5.4Composer25 May 2025
  • H
Improper Encoding or Escaping of Output		yeswiki/yeswiki<4.5.4Composer25 May 2025
  • M
Cross-site Scripting (XSS)		yeswiki/yeswiki<4.5.4Composer25 May 2025
  • M
Cross-site Scripting (XSS)		couleurcitron/tarteaucitron-wp<0.3.0Composer22 May 2025
  • M
Authorization Bypass Through User-Controlled Key		in2code/femanager>=8.0.0, <8.2.2>=7.0.0, <7.4.2>=6.0.0, <6.4.1>=5.5.0, <5.5.5Composer22 May 2025
  • M
Cross-site Scripting (XSS)		clickstorm/cs-seo>=6.3.0, <6.8.0>=7.0.0, <7.5.0>=8.0.0, <8.4.0>=9.0.0, <9.3.0Composer22 May 2025
  • M
Arbitrary File Upload		typo3/cms-core>=9.0.0, <12.4.31>=13.0.0, <13.4.12Composer22 May 2025
  • H
Authentication Bypass Using an Alternate Path or Channel		typo3/cms-backend>=12.0.0, <12.4.31>=13.0.0, <13.4.12Composer22 May 2025
  • M
Unverified Password Change		typo3/cms-setup>=9.0.0, <12.4.31>=13.0.0, <13.4.12Composer21 May 2025
  • M
Unverified Password Change		typo3/cms-core>=9.0.0, <12.4.31>=13.0.0, <13.4.12Composer21 May 2025
  • M
Cross-site Scripting (XSS)		dnadesign/silverstripe-elemental>=2.1.2, <5.3.12Composer21 May 2025
  • L
Server-side Request Forgery (SSRF)		typo3/cms-webhooks>=12.0.0, <12.4.31>=13.0.0, <13.4.12Composer21 May 2025
  • H
Unverified Ownership		typo3/cms-core>=10.0.0, <12.4.31>=13.0.0, <13.4.12Composer21 May 2025
  • M
Incorrect Authorization		typo3/cms-core>=9.0.0, <12.4.31>=13.0.0, <13.4.12Composer21 May 2025
  • H
Authorization Bypass Through User-Controlled Key		moodle/moodle>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025
  • M
Information Exposure		moodle/moodle<2.3.10>=2.4.0-rc1, <2.4.7>=2.5.0-beta, <2.5.3Composer21 May 2025
  • L
Use of GET Request Method With Sensitive Query Strings		moodle/moodle>=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025
  • H
Arbitrary Code Injection		moodle/moodle>=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025
  • M
Cross-site Request Forgery (CSRF)		moodle/moodle>=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025
  • M
Cross-site Scripting (XSS)		moodle/moodle>=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025
  • M
Incorrect Authorization		moodle/moodle>=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025
  • M
Incorrect Authorization		moodle/moodle>=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025
  • M
Authorization Bypass Through User-Controlled Key		moodle/moodle>=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025
  • M
Incorrect Authorization		moodle/moodle>=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025
  • H
Arbitrary Code Injection		moodle/moodle>=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025