Vulnerability DB

VULNERABILITY	AFFECTS	TYPE	PUBLISHED
M Incorrect Authorization	contao/core-bundle>=5.3.0, <5.3.38>=5.4.0-RC1, <5.6.1	Composer	29 Aug 2025
M Incorrect Authorization	contao/core-bundle>=4.9.14, <4.13.56>=5.0.0-RC1, <5.3.38>=5.4.0-RC1, <5.6.1	Composer	29 Aug 2025
M Incorrect Authorization	contao/comments-bundle>=5.0.0, <5.3.38>=5.4.0-RC1, <5.6.1	Composer	29 Aug 2025
M Incorrect Authorization	contao/core-bundle>=5.0.0, <5.3.38>=5.4.0-RC1, <5.6.1	Composer	29 Aug 2025
M Cross-site Scripting (XSS)	moonshine/moonshine>=0.0.0	Composer	28 Aug 2025
H Arbitrary Code Injection	craftcms/cms>=4.0.0-RC1, <4.16.5>=5.0.0-RC1, <5.8.7	Composer	28 Aug 2025
M Unrestricted Upload of File with Dangerous Type	moonshine/moonshine<3.12.5	Composer	28 Aug 2025
H SQL Injection	alextselegidis/easyappointments>=0.0.0	Composer	28 Aug 2025
M SQL Injection	lee-to/moonshine-tree-resource<2.0.2	Composer	28 Aug 2025
H Server-side Request Forgery (SSRF)	phpoffice/phpspreadsheet<1.30.0>=2.0.0, <2.1.12>=2.2.0, <2.4.0>=3.3.0, <3.10.0>=4.0.0, <5.0.0	Composer	27 Aug 2025
C Arbitrary File Upload	badaso/core>=1.0.0-alpha.1	Composer	27 Aug 2025
M Cross-site Scripting (XSS)	moonshine/moonshine<3.12.4	Composer	26 Aug 2025
M CSV Injection	unopim/unopim<0.3.1	Composer	25 Aug 2025
H Missing Authorization	unopim/unopim<0.3.1	Composer	25 Aug 2025
H Cross-site Request Forgery (CSRF)	unopim/unopim<0.2.1	Composer	25 Aug 2025
H Arbitrary File Upload	unopim/unopim<0.2.1	Composer	25 Aug 2025
H Cross-site Scripting (XSS)	unopim/unopim<0.2.1	Composer	25 Aug 2025
M Cross-site Scripting (XSS)	librenms/librenms<25.8.0	Composer	21 Aug 2025
M Server-side Request Forgery (SSRF)	johnbillion/wp-crontrol>=1.17.0, <1.19.2	Composer	21 Aug 2025
M Cross-site Scripting (XSS)	opencart/opencart>=2.2.0.0	Composer	20 Aug 2025
M Cross-site Scripting (XSS)	opencart/opencart>=2.2.0.0	Composer	20 Aug 2025
H Brute Force	soosyze/soosyze>=0.0.0	Composer	18 Aug 2025
H Directory Traversal	studio-42/elfinder<2.1.66	Composer	13 Aug 2025
M Cross-site Scripting (XSS)	enshrined/svg-sanitize<0.22.0	Composer	13 Aug 2025
H Arbitrary File Upload	simogeo/filemanager>=0.0.0	Composer	12 Aug 2025
H Arbitrary Code Injection	craftcms/cms>=4.13.8, <4.16.3>=5.5.8, <5.8.4	Composer	10 Aug 2025
M Cross-site Scripting (XSS)	concrete5/concrete5<8.5.21>=9.0.0RC1, <9.4.3	Composer	8 Aug 2025
L Cross-site Scripting (XSS)	concrete5/concrete5>=9.0.0RC1, <9.4.3	Composer	8 Aug 2025
C Directory Traversal	topthink/framework>=0.0.0	Composer	8 Aug 2025
M Cross-site Scripting (XSS)	microweber/microweber>=2.0.0	Composer	8 Aug 2025

APPLICATION

OPERATING SYSTEM