Vulnerability DB

VULNERABILITY	AFFECTS	TYPE	PUBLISHED
H Improper Access Control	mautic/core>=1.1.3, <4.4.13>=5.0.0-alpha, <5.1.1	Composer	19 Sept 2024
M Cross-site Scripting (XSS)	mautic/core-lib>=2.6.0, <4.4.13>=5.0.0-alpha, <5.1.1	Composer	19 Sept 2024
M Cross-site Scripting (XSS)	mautic/core>=2.6.0, <4.4.13>=5.0.0-alpha, <5.1.1	Composer	19 Sept 2024
M Cross-site Scripting (XSS)	concrete5/concrete5>=9.0.0, <9.3.4	Composer	18 Sept 2024
H XML External Entity (XXE) Injection	kimai/kimai<2.21.0	Composer	18 Sept 2024
M Cross-site Scripting (XSS)	wireui/wireui<1.19.3>=2.0.0, <2.1.3	Composer	18 Sept 2024
M Improper Input Validation	czim/file-handling<1.5.0>=2.0.0, <2.3.0	Composer	18 Sept 2024
M Access Control Bypass	in2code/powermail<7.5.1>=8.0.0, <8.5.1>=9.0.0, <10.9.1>=12.0.0, <12.4.1	Composer	18 Sept 2024
H Unrestricted Upload of File with Dangerous Type	contao/core-bundle>=4.0.0, <4.13.49>=5.0.0, <5.3.15>=5.4.0, <5.4.3	Composer	18 Sept 2024
M Path Traversal	contao/core-bundle<4.13.49	Composer	18 Sept 2024
M Improper Input Validation	contao/comments-bundle>=4.13.0, <4.13.49>=5.0.0, <5.3.15>=5.4.0, <5.4.3	Composer	18 Sept 2024
M Cross-site Scripting (XSS)	concrete5/concrete5>=9.0.0, <9.3.4<8.5.19	Composer	17 Sept 2024
M Cross-Site Request Forgery (CSRF)	magento/community-edition<2.4.4-p10>=2.4.5-p1, <2.4.5-p9>=2.4.6-p1, <2.4.6-p7>=2.4.7-p1, <2.4.7-p2	Composer	17 Sept 2024
M Cross-Site Request Forgery (CSRF)	magento/community-edition<2.4.4-p10>=2.4.5-p1, <2.4.5-p9>=2.4.6-p1, <2.4.6-p7>=2.4.7-p1, <2.4.7-p2	Composer	17 Sept 2024
M Improper Authorization	magento/community-edition<2.4.4-p10>=2.4.5-p1, <2.4.5-p9>=2.4.6-p1, <2.4.6-p7>=2.4.7-p1, <2.4.7-p2	Composer	17 Sept 2024
M Cross-Site Request Forgery (CSRF)	magento/community-edition<2.4.4-p10>=2.4.5-p1, <2.4.5-p9>=2.4.6-p1, <2.4.6-p7>=2.4.7-p1, <2.4.7-p2	Composer	17 Sept 2024
H Path Traversal	magento/community-edition>=2.4.7-p1, <2.4.7-p2>=2.4.6-p1, <2.4.6-p7>=2.4.5-p1, <2.4.5-p9<2.4.4-p10	Composer	17 Sept 2024
M Cross-site Scripting (XSS)	damienharper/auditor-bundle<5.2.6	Composer	11 Sept 2024
M Deserialization of Untrusted Data	topthink/framework>=6.1.3	Composer	10 Sept 2024
M Cross-site Scripting (XSS)	craftcms/cms>=5.0.0, <5.1.2	Composer	10 Sept 2024
M Protection Mechanism Failure	twig/twig>=1.0.0, <1.44.8>=2.0.0, <2.16.1>=3.0.0, <3.11.1>=3.12.0, <3.14.0	Composer	10 Sept 2024
H Insecure Defaults	nategood/httpful<1.0.0	Composer	9 Sept 2024
M Cross-site Scripting (XSS)	reportico-web/reportico>=0.0.0	Composer	9 Sept 2024
H Server-Side Request Forgery (SSRF)	gleez/cms>=0.0.0	Composer	9 Sept 2024
M Cross-site Scripting (XSS)	backdrop/backdrop>=0.0.0	Composer	5 Sept 2024
L Cross-site Scripting (XSS)	backdrop/backdrop>=0.0.0	Composer	5 Sept 2024
L Cross-site Scripting (XSS)	backdrop/backdrop>=0.0.0	Composer	5 Sept 2024
M CSV Injection	limesurvey/limesurvey<5.6.68	Composer	4 Sept 2024
H Open Redirect	limesurvey/limesurvey<6.6.1	Composer	4 Sept 2024
H Local File Inclusion	limesurvey/limesurvey>=0.0.0	Composer	4 Sept 2024

APPLICATION

OPERATING SYSTEM