Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • M
Cross-site Scripting (XSS)
alextselegidis/easyappointments>=0.0.0Composer16 Feb 2025
  • C
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
islandora/crayfish>=0.0.0Composer13 Feb 2025
  • M
Cross-site Scripting (XSS)
redaxo/source>=5.12.0-beta1, <5.18.2Composer12 Feb 2025
  • H
Information Exposure
opensource-workshop/connect-cms<1.8.4Composer9 Feb 2025
  • M
Access Control Bypass
opensource-workshop/connect-cms<1.8.7>=2.0.0, <2.4.7Composer9 Feb 2025
  • M
Cross-site Scripting (XSS)
mwdelaney/wp-enable-svg>=0.0.0Composer9 Feb 2025
  • M
Information Exposure
pimcore/admin-ui-classic-bundle<1.7.4Composer9 Feb 2025
  • H
Improper Restriction of Excessive Authentication Attempts
sylius/sylius>=0.0.0Composer7 Feb 2025
  • M
Cross-site Scripting (XSS)
phpoffice/phpspreadsheet<1.29.9>=2.0.0, <2.1.8>=2.2.0, <2.3.7>=3.0.0, <3.9.0Composer4 Feb 2025
  • H
Improper Input Validation
spatie/browsershot<5.0.5Composer4 Feb 2025
  • H
Arbitrary File Upload
cockpit-hq/cockpit<2.4.1Composer4 Feb 2025
  • H
Improper Input Validation
spatie/browsershot<5.0.5Composer4 Feb 2025
  • M
Cross-site Scripting (XSS)
backdrop/backdrop<1.30.0Composer3 Feb 2025
  • M
Cross-site Scripting (XSS)
backdrop/backdrop<1.30.0Composer3 Feb 2025
  • M
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
twig/twig>=3.16.0, <3.19.0Composer30 Jan 2025
  • M
External Control of File Name or Path
tcg/voyager>=0.0.0Composer30 Jan 2025
  • M
Cross-site Scripting (XSS)
tcg/voyager>=0.0.0Composer30 Jan 2025
  • M
Arbitrary File Upload
tcg/voyager>=0.0.0Composer30 Jan 2025
  • L
Authorization Bypass Through User-Controlled Key
causal/oidc>=3.0.0, <4.0.0Composer29 Jan 2025
  • M
Cross-site Scripting (XSS)
pimcore/pimcore>=0.0.0Composer29 Jan 2025
  • H
SQL Injection
pimcore/customer-management-framework-bundle<4.2.1Composer29 Jan 2025
  • M
Cross-site Scripting (XSS)
dcat/laravel-admin>=0.0.0Composer26 Jan 2025
  • M
SQL Injection
centreon/centreon>=23.0.0, <23.4.24>=23.10.0, <23.10.19>=24.0.0, <24.4.9>=24.10.0, <24.10.3Composer24 Jan 2025
  • M
SQL Injection
centreon/centreon>=23.0.0, <23.4.24>=23.10.0, <23.10.19>=24.0.0, <24.4.9>=24.10.0, <24.10.3Composer24 Jan 2025
  • M
Cross-site Scripting (XSS)
phpmyadmin/phpmyadmin>=5.0.0, <5.2.2Composer24 Jan 2025
  • M
Cross-site Scripting (XSS)
phpmyadmin/phpmyadmin>=5.0.0, <5.2.2Composer24 Jan 2025
  • M
Cross-site Scripting (XSS)
prestashop/ps_contactinfo<3.3.3Composer23 Jan 2025
  • M
Cross-site Scripting (XSS)
phpoffice/phpspreadsheet<1.29.8>=2.2.0, <2.3.6>=2.0.0, <2.1.7>=3.0.0, <3.8.0Composer22 Jan 2025
  • H
Arbitrary Code Injection
craftcms/cms>=4.0.0-RC1, <4.13.8>=5.0.0-RC1, <5.5.5Composer22 Jan 2025
  • H
Cross-site Request Forgery (CSRF)
johnpbloch/wordpress-core<3.7.40>=3.8.0, <3.8.40>=3.9.0, <3.9.38>=4.0.0, <4.0.37>=4.1.0, <4.1.37>=4.2.0, <4.2.34>=4.3.0, <4.3.30>=4.4.0, <4.4.29>=4.5.0, <4.5.28>=4.6.0, <4.6.25>=4.7.0, <4.7.25>=4.8.0, <4.8.21>=4.9.0, <4.9.22>=5.0.0, <5.0.18>=5.1.0, <5.1.15>=5.2.0, <5.2.17>=5.3.0, <5.3.14>=5.4.0, <5.4.12>=5.5.0, <5.5.11>=5.6.0, <5.6.10>=5.7.0, <5.7.8>=5.8.0, <5.8.6>=5.9.0, <5.9.5>=6.0.0, <6.0.3Composer22 Jan 2025