Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • H
Arbitrary File Upload		hillelcoren/invoice-ninja<5.11.73Composer22 Sept 2025
  • H
Deserialization of Untrusted Data		snipe/snipe-it<8.1.18Composer22 Sept 2025
  • M
Cross-site Scripting (XSS)		snipe/snipe-it<8.1.18Composer22 Sept 2025
  • C
Improper Input Validation		magento/community-edition>=0.0.0Composer19 Sept 2025
  • C
Improper Input Validation		magento/project-community-edition>=0.0.0Composer19 Sept 2025
  • M
Cross-site Scripting (XSS)		zencart/zencart>=0.0.0Composer18 Sept 2025
  • M
SQL Injection		open-web-analytics/open-web-analytics<1.8.1Composer17 Sept 2025
  • L
Cross-site Scripting (XSS)		lavitto/typo3-form-to-database<2.2.5>=3.0.0, <3.2.2>=4.0.0, <4.2.3>=5.0.0, <5.0.2Composer17 Sept 2025
  • M
Cross-site Scripting (XSS)		yeswiki/yeswiki>=0.0.0Composer17 Sept 2025
  • M
Missing Authorization		typo3/cms-recordlist>=11.3.0Composer15 Sept 2025
  • M
Missing Authorization		typo3/cms-backend>=12.0.0, <12.4.37>=13.0.0, <13.4.18Composer15 Sept 2025
  • M
Uncaught Exception		typo3/cms-backend>=11.3.0, <12.4.37>=13.0.0, <13.4.18Composer15 Sept 2025
  • H
Missing Authorization		typo3/cms-workspaces<12.4.37>=13.0.0, <13.4.18Composer15 Sept 2025
  • M
Missing Authorization		typo3/cms-workspaces<12.4.37>=13.0.0, <13.4.18Composer15 Sept 2025
  • M
Missing Authorization		typo3/cms-recycler<12.4.37>=13.0.0, <13.4.18Composer15 Sept 2025
  • M
Missing Authorization		typo3/cms-dashboard<12.4.37>=13.0.0, <13.4.18Composer15 Sept 2025
  • M
Missing Authorization		typo3/cms-beuser<12.4.37>=13.0.0, <13.4.18Composer15 Sept 2025
  • M
Missing Authorization		typo3/cms-backend<12.4.37>=13.0.0, <13.4.18Composer15 Sept 2025
  • M
Information Exposure		typo3/cms-core<12.4.37>=13.0.0, <13.4.18Composer15 Sept 2025
  • M
Insufficient Entropy		typo3/cms-core>=12.1.0, <12.4.37>=13.0.0, <13.4.18Composer15 Sept 2025
  • M
Open Redirect		typo3/cms-core<12.4.37>=13.0.0, <13.4.18Composer15 Sept 2025
  • M
Authorization Bypass Through User-Controlled SQL Primary Key		intelliants/subrion>=0.0.0Composer15 Sept 2025
  • M
Improper Input Validation		datahihi1/tiny-env>=1.0.9, <1.0.11Composer15 Sept 2025
  • M
Improper Check or Handling of Exceptional Conditions		datahihi1/tiny-env<1.0.3>=1.0.9, <1.0.11Composer15 Sept 2025
  • H
Reliance on File Name or Extension of Externally-Supplied File		mahocommerce/maho<25.9.0Composer15 Sept 2025
  • H
Command Injection		nitsan/ns-backup<13.0.3Composer15 Sept 2025
  • M
SQL Injection		ricardomartins/pagbank-woocommerce<4.44.4Composer15 Sept 2025
  • M
Cross-site Scripting (XSS)		mautic/core-lib>=5.0.0-alpha, <5.2.8>=6.0.0-alpha, <6.0.5Composer8 Sept 2025
  • H
SQL Injection		tirreno/tirreno<0.9.6Composer8 Sept 2025
  • M
Cross-site Scripting (XSS)		apprain/apprain>=0.0.0Composer7 Sept 2025