Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • M
Cross-site Scripting (XSS)		league/commonmark>=1.5.0, <2.7.0Composer6 May 2025
  • M
Cross-site Scripting (XSS)		leantime/leantime<3.3.0Composer4 May 2025
  • C
SQL Injection		adodb/adodb-php<5.22.9Composer4 May 2025
  • M
Host Header Injection		croogo/croogo>=0.0.0Composer25 Apr 2025
  • H
Missing Authorization		in2code/femanager<1.0.9Composer24 Apr 2025
  • C
Arbitrary Code Injection		in2code/powermail<1.6.11>=2.0.0, <2.0.14Composer24 Apr 2025
  • H
Improper Authentication		in2code/powermail>=2.0.0, <2.0.11Composer24 Apr 2025
  • M
Insecure Default Initialization of Resource		shopware/core<6.6.10.3>=6.7.0.0-rc1, <6.7.0.0-rc2Composer23 Apr 2025
  • M
Insecure Default Initialization of Resource		shopware/platform<6.6.10.3>=6.7.0.0-rc1, <6.7.0.0-rc2Composer23 Apr 2025
  • M
SQL Injection		shopware/core<6.6.10.3>=6.7.0.0-rc1, <6.7.0.0-rc2Composer23 Apr 2025
  • M
SQL Injection		shopware/platform<6.6.10.3>=6.7.0.0-rc1, <6.7.0.0-rc2Composer23 Apr 2025
  • M
Information Exposure		shopware/core<6.5.8.17>=6.6.0.0, <6.6.10.3>=6.7.0.0-rc1, <6.7.0.0-rc2Composer23 Apr 2025
  • M
Information Exposure		shopware/platform<6.5.8.17>=6.6.0.0, <6.6.10.3>=6.7.0.0-rc1, <6.7.0.0-rc2Composer23 Apr 2025
  • M
Access Control Bypass		shopware/core<6.5.8.17>=6.6.0.0, <6.6.10.3>=6.7.0.0-rc1, <6.7.0.0-rc2Composer23 Apr 2025
  • M
Access Control Bypass		shopware/platform<6.5.8.17>=6.6.0.0, <6.6.10.3>=6.7.0.0-rc1, <6.7.0.0-rc2Composer23 Apr 2025
  • H
Improper Input Validation		shopware/core<6.5.8.17>=6.6.0.0, <6.6.10.3>=6.7.0.0-rc1, <6.7.0.0-rc2Composer23 Apr 2025
  • H
Improper Input Validation		shopware/platform<6.5.8.17>=6.6.0.0, <6.6.10.3>=6.7.0.0-rc1, <6.7.0.0-rc2Composer23 Apr 2025
  • M
Cross-site Scripting (XSS)		nilsteampassnet/teampass<2.1.25Composer23 Apr 2025
  • C
SQL Injection		nilsteampassnet/teampass<2.1.25Composer23 Apr 2025
  • M
Cross-site Request Forgery (CSRF)		mantisbt/mantisbt<1.3.11>=2.0.0, <2.3.3>=2.4.0, <2.4.1Composer23 Apr 2025
  • H
Weak Password Recovery Mechanism for Forgotten Password		mantisbt/mantisbt>=1.3.0-rc.2, <1.3.10>=2.0.0, <2.2.4>=2.3.0, <2.3.1Composer23 Apr 2025
  • M
Cross-site Scripting (XSS)		geshi/geshi<1.0.8.11Composer23 Apr 2025
  • H
Directory Traversal		geshi/geshi<1.0.8.11Composer23 Apr 2025
  • M
Cross-site Scripting (XSS)		concrete5/concrete5>=0.0.0Composer22 Apr 2025
  • M
Cross-site Scripting (XSS)		concrete5/concrete5>=0.0.0Composer22 Apr 2025
  • M
Cross-site Scripting (XSS)		concrete5/concrete5>=0.0.0Composer22 Apr 2025
  • M
Cross-site Scripting (XSS)		concrete5/concrete5>=0.0.0Composer22 Apr 2025
  • M
Cross-site Scripting (XSS)		concrete5/concrete5>=0.0.0Composer22 Apr 2025
  • H
Arbitrary Code Injection		typo3/cms>=6.1.0, <6.1.4>=6.0.0, <6.0.9Composer22 Apr 2025
  • M
Cross-site Scripting (XSS)		typo3/cms>=6.2.0, <6.2.16Composer22 Apr 2025