Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • M
Cross-site Request Forgery (CSRF)
moodle/moodle>=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025
  • M
Improper Authentication
moodle/moodle>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025
  • M
Authorization Bypass Through User-Controlled Key
moodle/moodle>=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025
  • H
Information Exposure
moodle/moodle>=4.5.0-beta, <4.5.3Composer21 May 2025
  • M
Information Exposure
moodle/moodle>=4.5.0-beta, <4.5.4Composer19 May 2025
  • M
Improper Authentication
moodle/moodle>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer19 May 2025
  • M
External Control of Assumed-Immutable Web Parameter
craftcms/cms<4.15.3>=5.0.0-alpha.1, <5.7.5Composer19 May 2025
  • M
Missing Authorization
moodle/moodle>=4.1.0, <4.1.17>=4.3.0-beta, <4.3.11>=4.4.0-beta, <4.4.7>=4.5.0-beta, <4.5.3Composer19 May 2025
  • C
Improper Authentication
auth0/auth0-php>=8.0.0-BETA1, <8.14.0Composer19 May 2025
  • H
XML External Entity (XXE) Injection
sulu/sulu>=2.5.21, <2.5.25>=2.6.5, <2.6.9>=3.0.0-alpha1, <3.0.0-alpha3Composer18 May 2025
  • M
Directory Traversal
getkirby/cms<3.9.8.3>=3.10.0, <3.10.1.2>=4.0.0-alpha.1, <4.7.1Composer15 May 2025
  • M
Directory Traversal
getkirby/cms<3.9.8.3>=3.10.0, <3.10.1.2>=4.0.0-alpha.1, <4.7.1Composer15 May 2025
  • L
Directory Traversal
getkirby/cms<3.9.8.3>=3.10.0, <3.10.1.2>=4.0.0, <4.7.1Composer14 May 2025
  • M
Improper Input Validation
alextselegidis/easyappointments>=0.0.0Composer13 May 2025
  • H
Improper Neutralization of Special Elements Used in a Template Engine
craftcms/cms>=4.0.0-RC1, <4.14.13>=5.0.0-RC1, <5.6.15Composer12 May 2025
  • M
Insertion of Sensitive Information Into Sent Data
phpmyadmin/phpmyadmin>=4.0.10, <4.7.0Composer12 May 2025
  • M
Cross-site Scripting (XSS)
phpmyadmin/phpmyadmin>=4.0.10, <4.7.0Composer12 May 2025
  • H
Server-side Request Forgery (SSRF)
phpmyadmin/phpmyadmin>=4.0.0, <4.7.0Composer11 May 2025
  • M
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
phpmyadmin/phpmyadmin>=4.0.10, <4.7.0Composer9 May 2025
  • C
SQL Injection
web-tp3/wec_map<3.3.0Composer8 May 2025
  • M
Cross-site Scripting (XSS)
web-tp3/wec_map<3.3.0Composer8 May 2025
  • H
Arbitrary Argument Injection
tcg/voyager>=1.0.0Composer8 May 2025
  • M
Cross-site Scripting (XSS)
league/commonmark>=1.5.0, <2.7.0Composer6 May 2025
  • M
Cross-site Scripting (XSS)
leantime/leantime<3.3.0Composer4 May 2025
  • C
SQL Injection
adodb/adodb-php<5.22.9Composer4 May 2025
  • M
Host Header Injection
croogo/croogo>=0.0.0Composer25 Apr 2025
  • H
Missing Authorization
in2code/femanager<1.0.9Composer24 Apr 2025
  • C
Arbitrary Code Injection
in2code/powermail<1.6.11>=2.0.0, <2.0.14Composer24 Apr 2025
  • H
Improper Authentication
in2code/powermail>=2.0.0, <2.0.11Composer24 Apr 2025
  • M
Insecure Default Initialization of Resource
shopware/core<6.6.10.3>=6.7.0.0-rc1, <6.7.0.0-rc2Composer23 Apr 2025