Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • C
Arbitrary Code Injection
livewire/livewire>=3.0.0-beta.1, <3.6.4Composer18 Jul 2025
  • C
Improper Neutralization of Special Elements Used in a Template Engine
binarytorch/larecipe<2.8.1Composer15 Jul 2025
  • M
Cross-site Scripting (XSS)
modx/revolution<2.7.1-plComposer14 Jul 2025
  • M
Cross-site Scripting (XSS)
modx/revolution<2.7.1-plComposer14 Jul 2025
  • L
Command Injection
james-heinrich/phpthumb>=0.0.0Composer14 Jul 2025
  • H
Exposure of Private Personal Information to an Unauthorized Actor
universal-omega/dynamic-page-list3<3.6.4Composer14 Jul 2025
  • H
Arbitrary Code Injection
bolt/bolt>=0.0.0Composer13 Jul 2025
  • M
Cross-site Scripting (XSS)
cockpit-hq/cockpit<2.11.4Composer7 Jul 2025
  • M
Arbitrary File Upload
shopxo/shopxo>=0.0.0Composer4 Jul 2025
  • H
Cross-site Scripting (XSS)
starcitizentools/citizen-skin<3.4.0Composer4 Jul 2025
  • M
Cross-site Scripting (XSS)
starcitizentools/citizen-skin<3.4.0Composer4 Jul 2025
  • M
SQL Injection
slowlyo/owl-admin<4.1.0Composer2 Jul 2025
  • M
Cross-site Scripting (XSS)
phplist/phplist3>=0.0.0Composer30 Jun 2025
  • M
Cross-site Scripting (XSS)
phplist/phplist3>=0.0.0Composer30 Jun 2025
  • M
Cross-site Scripting (XSS)
magento/community-edition>=2.4.5, <2.4.5-p13>=2.4.6-p1, <2.4.6-p11>=2.4.7-beta1, <2.4.7-p6>=2.4.8-beta1, <2.4.8-p1Composer26 Jun 2025
  • H
XML External Entity (XXE) Injection
phpoffice/math<0.3.0Composer26 Jun 2025
  • M
Cross-site Scripting (XSS)
librenms/librenms<25.5.0Composer25 Jun 2025
  • H
Improper Use of Validation Framework
lomkit/laravel-rest-api<2.13.0Composer23 Jun 2025
  • L
Improperly Controlled Modification of Dynamically-Determined Object Attributes
handcraftedinthealps/goodby-csv<1.4.3Composer23 Jun 2025
  • H
Arbitrary File Upload
hipdevteam/bb-plugin<2.9.1.1Composer23 Jun 2025
  • H
Information Exposure
oxid-esales/oxideshop-ce>=0.0.0Composer20 Jun 2025
  • M
Cross-site Scripting (XSS)
juzaweb/cms>=0.0.0Composer20 Jun 2025
  • C
Arbitrary Code Injection
pterodactyl/panel>=0.0.0, <1.11.11Composer20 Jun 2025
  • M
Incorrect Authorization
magento/community-edition<2.4.4-p13>=2.4.5, <2.4.5-p12>=2.4.6, <2.4.6-p10>=2.4.7-beta1, <2.4.7-p5>=2.4.8-beta1, <2.4.8Composer19 Jun 2025
  • M
Cross-site Scripting (XSS)
nitsan/ns-backup<13.0.1Composer19 Jun 2025
  • H
Direct Request ('Forced Browsing')
nitsan/ns-backup<13.0.1Composer19 Jun 2025
  • H
Command Injection
nitsan/ns-backup<13.0.1Composer19 Jun 2025
  • M
Authorization Bypass Through User-Controlled Key
renolit/reint-downloadmanager<4.0.2>=5.0.0, <5.0.1Composer19 Jun 2025
  • M
Cross-site Scripting (XSS)
koillection/koillection<1.6.11Composer19 Jun 2025
  • H
External Control of File Name or Path
elmsln/haxcms>=0.0.0Composer18 Jun 2025