Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • H
Arbitrary File Upload		elkarte/elkarte>=0.0.0Composer14 Dec 2025
  • C
Incorrect Permission Assignment for Critical Resource		xmo/mine-core>=0.0.0Composer14 Dec 2025
  • M
PHP Remote File Inclusion		fof/pretty-mail>=0.0.0Composer14 Dec 2025
  • H
Improper Neutralization of Special Elements Used in a Template Engine		fof/pretty-mail>=0.0.0Composer14 Dec 2025
  • M
Cross-site Scripting (XSS)		johnpbloch/wordpress-core<4.7.31>=4.8.0, <4.8.27>=4.9.0, <4.9.28>=5.0.0, <5.0.24>=5.1.0, <5.1.21>=5.2.0, <5.2.23>=5.3.0, <5.3.20>=5.4.0, <5.4.18>=5.5.0, <5.5.17>=5.6.0, <5.6.16>=5.7.0, <5.7.14>=5.8.0, <5.8.12>=5.9.0, <5.9.12>=6.0.0, <6.0.11>=6.1.0, <6.1.9>=6.2.0, <6.2.8>=6.3.0, <6.3.7>=6.4.0, <6.4.7>=6.5.0, <6.5.7>=6.6.0, <6.6.4>=6.7.0, <6.7.4>=6.8.0, <6.8.3Composer12 Dec 2025
  • M
Missing Authorization		azuracast/azuracast<0.23.2Composer12 Dec 2025
  • M
Insertion of Sensitive Information Into Sent Data		johnpbloch/wordpress-core>=4.7.0, <4.7.31>=4.8.0, <4.8.27>=4.9.0, <4.9.28>=5.0.0, <5.0.24>=5.1.0, <5.1.21>=5.2.0, <5.2.23>=5.3.0, <5.3.20>=5.4.0, <5.4.18>=5.5.0, <5.5.17>=5.6.0, <5.6.16>=5.7.0, <5.7.14>=5.8.0, <5.8.12>=5.9.0, <5.9.12>=6.0.0, <6.0.11>=6.1.0, <6.1.9>=6.2.0, <6.2.8>=6.3.0, <6.3.7>=6.4.0, <6.4.7>=6.5.0, <6.5.7>=6.6.0, <6.6.4>=6.7.0, <6.7.4>=6.8.0, <6.8.3Composer12 Dec 2025
  • H
Arbitrary File Upload		dotclear/dotclear<2.31Composer12 Dec 2025
  • H
Uncaught Exception		robrichards/xmlseclibs<3.1.4Composer12 Dec 2025
  • H
Arbitrary File Upload		apprain/apprain>=0.0.0Composer11 Dec 2025
  • C
Unverified Password Change		ibexa/user>=5.0.0-beta1, <5.0.4Composer11 Dec 2025
  • C
Authentication Bypass Using an Alternate Path or Channel		filament/filament>=4.0.0, <4.3.1Composer10 Dec 2025
  • H
Cross-site Scripting (XSS)		shopware/storefront>=6.4.6.0, <6.6.10.10>=6.7.0.0, <6.7.5.1Composer10 Dec 2025
  • H
Arbitrary Code Injection		neuron-core/neuron-ai>=2.8.11, <2.8.12Composer10 Dec 2025
  • H
Execution with Unnecessary Privileges		neuron-core/neuron-ai>=2.8.11, <2.8.12Composer10 Dec 2025
  • M
Cross-site Scripting (XSS)		getgrav/grav>=0.0.0Composer5 Dec 2025
  • H
Directory Traversal		alexusmai/laravel-file-manager<3.3.2Composer5 Dec 2025
  • M
Cross-site Scripting (XSS)		snipe/snipe-it<8.3.4Composer4 Dec 2025
  • H
Directory Traversal		alexusmai/laravel-file-manager>=2.0.0, <3.3.2Composer4 Dec 2025
  • H
Arbitrary Command Injection		feehi/cms>=0.0.1Composer3 Dec 2025
  • H
Arbitrary File Upload		mautic/core-lib>=4.0.0-alpha1, <4.4.18>=5.0.0-alpha, <5.2.9>=6.0.0-alpha, <6.0.7Composer3 Dec 2025
  • H
Arbitrary File Upload		mautic/core>=4.0.0-alpha1, <4.4.18>=5.0.0-alpha, <5.2.9>=6.0.0-alpha, <6.0.7Composer3 Dec 2025
  • C
Access Control Bypass		mautic/core-lib>=4.0.0-alpha1, <4.4.18>=5.0.0-alpha, <5.2.9>=6.0.0-alpha, <6.0.7Composer3 Dec 2025
  • C
Access Control Bypass		mautic/core>=4.0.0-alpha1, <4.4.18>=5.0.0-alpha, <5.2.9>=6.0.0-alpha, <6.0.7Composer3 Dec 2025
  • H
Unsafe Dependency Resolution		dcat/laravel-admin>=0.1.0Composer3 Dec 2025
  • H
Cross-site Scripting (XSS)		aimeos/ai-cms-grapesjs>=2022.4.1, <2022.10.9>=2023.4.1, <2023.10.15>=2024.4.1, <2024.10.8>=2025.4.1, <2025.10.2Composer3 Dec 2025
  • M
Improper Restriction of Rendered UI Layers or Frames		feehi/cms>=0.0.1Composer3 Dec 2025
  • M
Authorization Bypass Through User-Controlled Key		feehi/cms>=0.0.1Composer3 Dec 2025
  • M
Cross-site Scripting (XSS)		feehi/cms>=0.0.1Composer3 Dec 2025
  • H
Improper Authorization		getgrav/grav<1.8.0-beta.27Composer2 Dec 2025