Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • M
Insufficient Session Expiration
Affects pterodactyl/panel | Versions >=0.8.0-alpha.1
Has fix
ComposerPublished 6 Jan 2026
  • H
Improper Validation of Specified Quantity in Input
Affects pocketmine/pocketmine-mp | Versions <4.18.1
Has fix
ComposerPublished 1 Jan 2026
  • L
Improper Encoding or Escaping of Output
Affects composer/composer | Versions >=2.0.0, <2.2.26>=2.3.0, <2.9.3
Has fix
ComposerPublished 1 Jan 2026
  • M
Cross-site Scripting (XSS)
Affects yourls/yourls | Versions >=0.0.0
Has fix
ComposerPublished 31 Dec 2025
  • M
Server-side Request Forgery (SSRF)
Affects feehi/cms | Versions >=0.0.0
Has fix
ComposerPublished 31 Dec 2025
  • M
Cross-site Scripting (XSS)
Affects facturascripts/facturascripts | Versions <2025.7
Has fix
ComposerPublished 31 Dec 2025
  • H
Information Exposure
Affects thorsten/phpmyfaq | Versions <4.0.16>=4.1.0-alpha, <4.1.0-rc
Has fix
ComposerPublished 30 Dec 2025
  • M
Cross-site Scripting (XSS)
Affects pterodactyl/panel | Versions >=0.6.0-beta.1
Has fix
ComposerPublished 30 Dec 2025
  • M
Cross-site Scripting (XSS)
Affects phppgadmin/phppgadmin | Versions >=0.0.0
Has fix
ComposerPublished 30 Dec 2025
  • M
SQL Injection
Affects phppgadmin/phppgadmin | Versions >=0.0.0
Has fix
ComposerPublished 30 Dec 2025
  • M
Access Control Bypass
Affects phppgadmin/phppgadmin | Versions >=0.0.0
Has fix
ComposerPublished 30 Dec 2025
  • M
SQL Injection
Affects phppgadmin/phppgadmin | Versions >=0.0.0
Has fix
ComposerPublished 30 Dec 2025
  • M
Race Condition
Affects opencart/opencart | Versions >=0.0.0
Has fix
ComposerPublished 28 Dec 2025
  • H
Directory Traversal
Affects croogo/croogo | Versions >=0.0.0
Has fix
ComposerPublished 28 Dec 2025
  • H
Command Injection
Affects dreamfactory/df-core | Versions <1.0.10
Has fix
ComposerPublished 24 Dec 2025
  • H
Arbitrary File Upload
Affects cadmium-org/cadmium-cms | Versions >=0.0.0
Has fix
ComposerPublished 24 Dec 2025
  • M
Cross-site Scripting (XSS)
Affects simplemachines/smf | Versions >=0.0.0
Has fix
ComposerPublished 21 Dec 2025
  • M
CSV Injection
Affects thorsten/phpmyfaq | Versions <3.1.16
Has fix
ComposerPublished 19 Dec 2025
  • M
Cross-site Scripting (XSS)
Affects roundcube/roundcubemail | Versions <1.5.12>=1.6.0, <1.6.12
Has fix
ComposerPublished 19 Dec 2025
  • M
Improper Encoding or Escaping of Output
Affects roundcube/roundcubemail | Versions <1.5.12>=1.6.0, <1.6.12
Has fix
ComposerPublished 19 Dec 2025
  • M
Use of a Broken or Risky Cryptographic Algorithm
Affects aws/aws-sdk-php | Versions <3.368.0
Has fix
ComposerPublished 18 Dec 2025
  • H
Incorrect Authorization
Affects auth0/auth0-php | Versions >=8.0.0, <8.18.0
Has fix
ComposerPublished 18 Dec 2025
  • H
Authorization Bypass Through User-Controlled Key
Affects pagekit/pagekit | Versions >=0.8.8
Has fix
ComposerPublished 17 Dec 2025
  • C
Improper Authorization
Affects potsky/pimp-my-log | Versions >=0.0.0
Has fix
ComposerPublished 17 Dec 2025
  • M
Improper Verification of Cryptographic Signature
Affects altcha-org/altcha | Versions <1.3.1
Has fix
ComposerPublished 17 Dec 2025
  • M
Arbitrary File Upload
Affects soosyze/soosyze | Versions >=1.0.0-alpha1
Has fix
ComposerPublished 16 Dec 2025
  • M
Server-side Request Forgery (SSRF)
Affects getgrav/grav | Versions >=0.8.0
Has fix
ComposerPublished 16 Dec 2025
  • M
Cross-site Scripting (XSS)
Affects getgrav/grav | Versions >=0.8.0
Has fix
ComposerPublished 16 Dec 2025
  • H
Arbitrary File Upload
Affects elkarte/elkarte | Versions >=0.0.0
Has fix
ComposerPublished 14 Dec 2025
  • C
Incorrect Permission Assignment for Critical Resource
Affects xmo/mine-core | Versions >=0.0.0
Has fix
ComposerPublished 14 Dec 2025