Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • M
Cross-site Scripting (XSS)
apprain/apprain>=0.0.0Composer7 Sept 2025
  • M
Cross-site Scripting (XSS)
apprain/apprain>=0.0.0Composer7 Sept 2025
  • M
Cross-site Scripting (XSS)
apprain/apprain>=0.0.0Composer7 Sept 2025
  • M
Cross-site Scripting (XSS)
apprain/apprain>=0.0.0Composer7 Sept 2025
  • M
Cross-site Scripting (XSS)
apprain/apprain>=0.0.0Composer7 Sept 2025
  • H
Allocation of Resources Without Limits or Throttling
pocketmine/pocketmine-mp<5.32.1Composer7 Sept 2025
  • L
Information Exposure
prestashop/prestashop<8.2.3Composer5 Sept 2025
  • M
Path Traversal
magento/community-edition<2.4.5-p14>=2.4.6, <2.4.6-p12>=2.4.7-beta1, <2.4.7-p7>=2.8.4-beta1, <2.8.4-p1Composer5 Sept 2025
  • H
Time-of-check Time-of-use (TOCTOU) Race Condition
magento/community-edition<2.4.5-p14>=2.4.6, <2.4.6-p12>=2.4.7-beta1, <2.4.7-p7>=2.8.4-beta1, <2.8.4-p1Composer5 Sept 2025
  • H
Incorrect Authorization
magento/community-edition<2.4.5-p14>=2.4.6, <2.4.6-p12>=2.4.7-beta1, <2.4.7-p7>=2.8.4-beta1, <2.8.4-p1Composer5 Sept 2025
  • H
Cross-Site Request Forgery (CSRF)
magento/community-edition<2.4.5-p14>=2.4.6, <2.4.6-p12>=2.4.7-beta1, <2.4.7-p7>=2.8.4-beta1, <2.8.4-p1Composer5 Sept 2025
  • H
Improper Input Validation
magento/community-edition<2.4.5-p14>=2.4.6, <2.4.6-p12>=2.4.7-beta1, <2.4.7-p7>=2.8.4-beta1, <2.8.4-p1Composer5 Sept 2025
  • H
Cross-site Scripting (XSS)
magento/community-edition<2.4.5-p14>=2.4.6, <2.4.6-p12>=2.4.7-beta1, <2.4.7-p7>=2.8.4-beta1, <2.8.4-p1Composer5 Sept 2025
  • H
Unverified Ownership
mautic/core-lib<5.2.8>=6.0.0-alpha, <6.0.5Composer3 Sept 2025
  • M
Observable Response Discrepancy
mautic/core-lib<5.2.8>=6.0.0-alpha, <6.0.5Composer3 Sept 2025
  • M
Server-side Request Forgery (SSRF)
mautic/core-lib<5.2.8>=6.0.0-alpha, <6.0.5Composer3 Sept 2025
  • L
Improper Restriction of Rendered UI Layers or Frames
boomcms/boom-core>=0.0.0Composer3 Sept 2025
  • H
Allocation of Resources Without Limits or Throttling
mikecao/flight<1.2Composer3 Sept 2025
  • C
Deserialization of Untrusted Data
prestashop/prestashop<8.2.1Composer3 Sept 2025
  • M
Incorrect Authorization
contao/core-bundle>=5.3.0, <5.3.38>=5.4.0-RC1, <5.6.1Composer29 Aug 2025
  • M
Incorrect Authorization
contao/core-bundle>=4.9.14, <4.13.56>=5.0.0-RC1, <5.3.38>=5.4.0-RC1, <5.6.1Composer29 Aug 2025
  • M
Incorrect Authorization
contao/comments-bundle>=5.0.0, <5.3.38>=5.4.0-RC1, <5.6.1Composer29 Aug 2025
  • M
Incorrect Authorization
contao/core-bundle>=5.0.0, <5.3.38>=5.4.0-RC1, <5.6.1Composer29 Aug 2025
  • M
Cross-site Scripting (XSS)
moonshine/moonshine>=0.0.0, <3.12.6Composer28 Aug 2025
  • H
Arbitrary Code Injection
craftcms/cms>=4.0.0-RC1, <4.16.5>=5.0.0-RC1, <5.8.7Composer28 Aug 2025
  • M
Unrestricted Upload of File with Dangerous Type
moonshine/moonshine<3.12.5Composer28 Aug 2025
  • H
SQL Injection
alextselegidis/easyappointments>=0.0.0, <1.5.2Composer28 Aug 2025
  • M
SQL Injection
lee-to/moonshine-tree-resource<2.0.2Composer28 Aug 2025
  • H
Server-side Request Forgery (SSRF)
phpoffice/phpspreadsheet<1.30.0>=2.0.0, <2.1.12>=2.2.0, <2.4.0>=3.3.0, <3.10.0>=4.0.0, <5.0.0Composer27 Aug 2025
  • C
Arbitrary File Upload
badaso/core>=1.0.0-alpha.1Composer27 Aug 2025