Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • M
Cross-site Scripting (XSS)		apprain/apprain>=0.0.0Composer7 Sept 2025
  • M
Cross-site Scripting (XSS)		apprain/apprain>=0.0.0Composer7 Sept 2025
  • M
Cross-site Scripting (XSS)		apprain/apprain>=0.0.0Composer7 Sept 2025
  • M
Cross-site Scripting (XSS)		apprain/apprain>=0.0.0Composer7 Sept 2025
  • M
Cross-site Scripting (XSS)		apprain/apprain>=0.0.0Composer7 Sept 2025
  • H
Allocation of Resources Without Limits or Throttling		pocketmine/pocketmine-mp<5.32.1Composer7 Sept 2025
  • L
Information Exposure		prestashop/prestashop<8.2.3Composer5 Sept 2025
  • M
Path Traversal		magento/community-edition<2.4.5-p14>=2.4.6, <2.4.6-p12>=2.4.7-beta1, <2.4.7-p7>=2.8.4-beta1, <2.8.4-p1Composer5 Sept 2025
  • H
Time-of-check Time-of-use (TOCTOU) Race Condition		magento/community-edition<2.4.5-p14>=2.4.6, <2.4.6-p12>=2.4.7-beta1, <2.4.7-p7>=2.8.4-beta1, <2.8.4-p1Composer5 Sept 2025
  • H
Incorrect Authorization		magento/community-edition<2.4.5-p14>=2.4.6, <2.4.6-p12>=2.4.7-beta1, <2.4.7-p7>=2.8.4-beta1, <2.8.4-p1Composer5 Sept 2025
  • H
Cross-Site Request Forgery (CSRF)		magento/community-edition<2.4.5-p14>=2.4.6, <2.4.6-p12>=2.4.7-beta1, <2.4.7-p7>=2.8.4-beta1, <2.8.4-p1Composer5 Sept 2025
  • H
Improper Input Validation		magento/community-edition<2.4.5-p14>=2.4.6, <2.4.6-p12>=2.4.7-beta1, <2.4.7-p7>=2.8.4-beta1, <2.8.4-p1Composer5 Sept 2025
  • H
Cross-site Scripting (XSS)		magento/community-edition<2.4.5-p14>=2.4.6, <2.4.6-p12>=2.4.7-beta1, <2.4.7-p7>=2.8.4-beta1, <2.8.4-p1Composer5 Sept 2025
  • H
Unverified Ownership		mautic/core-lib<5.2.8>=6.0.0-alpha, <6.0.5Composer3 Sept 2025
  • M
Observable Response Discrepancy		mautic/core-lib<5.2.8>=6.0.0-alpha, <6.0.5Composer3 Sept 2025
  • M
Server-side Request Forgery (SSRF)		mautic/core-lib<5.2.8>=6.0.0-alpha, <6.0.5Composer3 Sept 2025
  • L
Improper Restriction of Rendered UI Layers or Frames		boomcms/boom-core>=0.0.0Composer3 Sept 2025
  • H
Allocation of Resources Without Limits or Throttling		mikecao/flight<1.2Composer3 Sept 2025
  • C
Deserialization of Untrusted Data		prestashop/prestashop<8.2.1Composer3 Sept 2025
  • M
Incorrect Authorization		contao/core-bundle>=5.3.0, <5.3.38>=5.4.0-RC1, <5.6.1Composer29 Aug 2025
  • M
Incorrect Authorization		contao/core-bundle>=4.9.14, <4.13.56>=5.0.0-RC1, <5.3.38>=5.4.0-RC1, <5.6.1Composer29 Aug 2025
  • M
Incorrect Authorization		contao/comments-bundle>=5.0.0, <5.3.38>=5.4.0-RC1, <5.6.1Composer29 Aug 2025
  • M
Incorrect Authorization		contao/core-bundle>=5.0.0, <5.3.38>=5.4.0-RC1, <5.6.1Composer29 Aug 2025
  • M
Cross-site Scripting (XSS)		moonshine/moonshine>=0.0.0, <3.12.6Composer28 Aug 2025
  • H
Arbitrary Code Injection		craftcms/cms>=4.0.0-RC1, <4.16.5>=5.0.0-RC1, <5.8.7Composer28 Aug 2025
  • M
Unrestricted Upload of File with Dangerous Type		moonshine/moonshine<3.12.5Composer28 Aug 2025
  • H
SQL Injection		alextselegidis/easyappointments>=0.0.0, <1.5.2Composer28 Aug 2025
  • M
SQL Injection		lee-to/moonshine-tree-resource<2.0.2Composer28 Aug 2025
  • H
Server-side Request Forgery (SSRF)		phpoffice/phpspreadsheet<1.30.0>=2.0.0, <2.1.12>=2.2.0, <2.4.0>=3.3.0, <3.10.0>=4.0.0, <5.0.0Composer27 Aug 2025
  • C
Arbitrary File Upload		badaso/core>=1.0.0-alpha.1Composer27 Aug 2025