Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • M
Cross-site Scripting (XSS)		backdrop/backdrop<1.30.0Composer3 Feb 2025
  • M
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')		twig/twig>=3.16.0, <3.19.0Composer30 Jan 2025
  • M
External Control of File Name or Path		tcg/voyager>=0.0.0Composer30 Jan 2025
  • M
Cross-site Scripting (XSS)		tcg/voyager>=0.0.0Composer30 Jan 2025
  • M
Arbitrary File Upload		tcg/voyager>=0.0.0Composer30 Jan 2025
  • L
Authorization Bypass Through User-Controlled Key		causal/oidc>=3.0.0, <4.0.0Composer29 Jan 2025
  • M
Cross-site Scripting (XSS)		pimcore/pimcore>=0.0.0Composer29 Jan 2025
  • H
SQL Injection		pimcore/customer-management-framework-bundle<4.2.1Composer29 Jan 2025
  • M
Cross-site Scripting (XSS)		dcat/laravel-admin>=0.0.0Composer26 Jan 2025
  • M
SQL Injection		centreon/centreon>=23.0.0, <23.4.24>=23.10.0, <23.10.19>=24.0.0, <24.4.9>=24.10.0, <24.10.3Composer24 Jan 2025
  • M
SQL Injection		centreon/centreon>=23.0.0, <23.4.24>=23.10.0, <23.10.19>=24.0.0, <24.4.9>=24.10.0, <24.10.3Composer24 Jan 2025
  • M
Cross-site Scripting (XSS)		phpmyadmin/phpmyadmin>=5.0.0, <5.2.2Composer24 Jan 2025
  • M
Cross-site Scripting (XSS)		phpmyadmin/phpmyadmin>=5.0.0, <5.2.2Composer24 Jan 2025
  • M
Cross-site Scripting (XSS)		prestashop/ps_contactinfo<3.3.3Composer23 Jan 2025
  • M
Cross-site Scripting (XSS)		phpoffice/phpspreadsheet<1.29.8>=2.2.0, <2.3.6>=2.0.0, <2.1.7>=3.0.0, <3.8.0Composer22 Jan 2025
  • H
Arbitrary Code Injection		craftcms/cms>=4.0.0-RC1, <4.13.8>=5.0.0-RC1, <5.5.5Composer22 Jan 2025
  • H
Cross-site Request Forgery (CSRF)		johnpbloch/wordpress-core<3.7.40>=3.8.0, <3.8.40>=3.9.0, <3.9.38>=4.0.0, <4.0.37>=4.1.0, <4.1.37>=4.2.0, <4.2.34>=4.3.0, <4.3.30>=4.4.0, <4.4.29>=4.5.0, <4.5.28>=4.6.0, <4.6.25>=4.7.0, <4.7.25>=4.8.0, <4.8.21>=4.9.0, <4.9.22>=5.0.0, <5.0.18>=5.1.0, <5.1.15>=5.2.0, <5.2.17>=5.3.0, <5.3.14>=5.4.0, <5.4.12>=5.5.0, <5.5.11>=5.6.0, <5.6.10>=5.7.0, <5.7.8>=5.8.0, <5.8.6>=5.9.0, <5.9.5>=6.0.0, <6.0.3Composer22 Jan 2025
  • C
SQL Injection		johnpbloch/wordpress-core<3.7.40>=3.8.0, <3.8.40>=3.9.0, <3.9.38>=4.0.0, <4.0.37>=4.1.0, <4.1.37>=4.2.0, <4.2.34>=4.3.0, <4.3.30>=4.4.0, <4.4.29>=4.5.0, <4.5.28>=4.6.0, <4.6.25>=4.7.0, <4.7.25>=4.8.0, <4.8.21>=4.9.0, <4.9.22>=5.0.0, <5.0.18>=5.1.0, <5.1.15>=5.2.0, <5.2.17>=5.3.0, <5.3.14>=5.4.0, <5.4.12>=5.5.0, <5.5.11>=5.6.0, <5.6.10>=5.7.0, <5.7.8>=5.8.0, <5.8.6>=5.9.0, <5.9.5>=6.0.0, <6.0.3Composer22 Jan 2025
  • M
Improper Preservation of Consistency Between Independent Representations of Shared State		johnpbloch/wordpress-core>=4.7.0, <4.7.27>=4.8.0, <4.8.23>=4.9.0, <4.9.24>=5.0.0, <5.0.20>=5.1.0, <5.1.17>=5.2.0, <5.2.19>=5.3.0, <5.3.16>=5.4.0, <5.4.14>=5.5.0, <5.5.13>=5.6.0, <5.6.12>=5.7.0, <5.7.10>=5.8.0, <5.8.8>=5.9.0, <5.9.8>=6.0.0, <6.0.6>=6.1.0, <6.1.4>=6.2.0, <6.2.3>=6.3.0, <6.3.2Composer22 Jan 2025
  • M
Cross-site Scripting (XSS)		johnpbloch/wordpress-core<3.7.40>=3.8.0, <3.8.40>=3.9.0, <3.9.38>=4.0.0, <4.0.37>=4.1.0, <4.1.37>=4.2.0, <4.2.34>=4.3.0, <4.3.30>=4.4.0, <4.4.29>=4.5.0, <4.5.28>=4.6.0, <4.6.25>=4.7.0, <4.7.25>=4.8.0, <4.8.21>=4.9.0, <4.9.22>=5.0.0, <5.0.18>=5.1.0, <5.1.15>=5.2.0, <5.2.17>=5.3.0, <5.3.14>=5.4.0, <5.4.12>=5.5.0, <5.5.11>=5.6.0, <5.6.10>=5.7.0, <5.7.8>=5.8.0, <5.8.6>=5.9.0, <5.9.5>=6.0.0, <6.0.3Composer22 Jan 2025
  • M
Cross-site Scripting (XSS)		johnpbloch/wordpress-core<4.1.38>=4.2.0, <4.2.35>=4.3.0, <4.3.31>=4.4.0, <4.4.30>=4.5.0, <4.5.29>=4.6.0, <4.6.26>=4.7.0, <4.7.26>=4.8.0, <4.8.22>=4.9.0, <4.9.23>=5.0.0, <5.0.19>=5.1.0, <5.1.16>=5.2.0, <5.2.18>=5.3.0, <5.3.15>=5.4.0, <5.4.13>=5.5.0, <5.5.12>=5.6.0, <5.6.11>=5.7.0, <5.7.9>=5.8.0, <5.8.7>=5.9.0, <5.9.6>=6.0.0, <6.0.4>=6.1.0, <6.1.2>=6.2.0, <6.2.1Composer22 Jan 2025
  • M
Cross-site Scripting (XSS)		johnpbloch/wordpress-core<3.7.40>=3.8.0, <3.8.40>=3.9.0, <3.9.38>=4.0.0, <4.0.37>=4.1.0, <4.1.37>=4.2.0, <4.2.34>=4.3.0, <4.3.30>=4.4.0, <4.4.29>=4.5.0, <4.5.28>=4.6.0, <4.6.25>=4.7.0, <4.7.25>=4.8.0, <4.8.21>=4.9.0, <4.9.22>=5.0.0, <5.0.18>=5.1.0, <5.1.15>=5.2.0, <5.2.17>=5.3.0, <5.3.14>=5.4.0, <5.4.12>=5.5.0, <5.5.11>=5.6.0, <5.6.10>=5.7.0, <5.7.8>=5.8.0, <5.8.6>=5.9.0, <5.9.5>=6.0.0, <6.0.3Composer22 Jan 2025
  • M
Interpretation Conflict		codeigniter4/framework<4.5.8Composer22 Jan 2025
  • M
Cross-site Scripting (XSS)		johnpbloch/wordpress-core<3.7.40>=3.8.0, <3.8.40>=3.9.0, <3.9.38>=4.0.0, <4.0.37>=4.1.0, <4.1.37>=4.2.0, <4.2.34>=4.3.0, <4.3.30>=4.4.0, <4.4.29>=4.5.0, <4.5.28>=4.6.0, <4.6.25>=4.7.0, <4.7.25>=4.8.0, <4.8.21>=4.9.0, <4.9.22>=5.0.0, <5.0.18>=5.1.0, <5.1.15>=5.2.0, <5.2.17>=5.3.0, <5.3.14>=5.4.0, <5.4.12>=5.5.0, <5.5.11>=5.6.0, <5.6.10>=5.7.0, <5.7.8>=5.8.0, <5.8.6>=5.9.0, <5.9.5>=6.0.0, <6.0.3Composer22 Jan 2025
  • C
Embedded Malicious Code		johnpbloch/wordpress-core>=2.1.1, <2.1.2Composer22 Jan 2025
  • M
Acceptance of Extraneous Untrusted Data With Trusted Data		johnpbloch/wordpress-core>=5.9.0, <5.9.7>=6.0.0, <6.0.5>=6.1.0, <6.1.3>=6.2.0, <6.2.2Composer22 Jan 2025
  • H
Directory Traversal		yeswiki/yeswiki<4.5.0Composer22 Jan 2025
  • H
Cross-site Scripting (XSS)		yeswiki/yeswiki<4.5.0Composer22 Jan 2025
  • H
Cross-site Scripting (XSS)		yeswiki/yeswiki<4.5.0Composer22 Jan 2025
  • M
Improperly Controlled Modification of Dynamically-Determined Object Attributes		johnpbloch/wordpress-core<3.7.38>=3.8.0, <3.8.38>=3.9.0, <3.9.36>=4.0.0, <4.0.35>=4.1.0, <4.1.35>=4.2.0, <4.2.32>=4.3.0, <4.3.28>=4.4.0, <4.4.27>=4.5.0, <4.5.26>=4.6.0, <4.6.23>=4.7.0, <4.7.23>=4.8.0, <4.8.19>=4.9.0, <4.9.20>=5.0.0, <5.0.16>=5.1.0, <5.1.13>=5.2.0, <5.2.15>=5.3.0, <5.3.12>=5.4.0, <5.4.10>=5.5.0, <5.5.9>=5.6.0, <5.6.8>=5.7.0, <5.7.6>=5.8.0, <5.8.4>=5.9.0, <5.9.2Composer22 Jan 2025