Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • H
Remote Code Execution (RCE)		glpi/glpi>=0.85, <10.0.16Composer11 Jul 2024
  • H
SQL Injection		glpi/glpi>=0.84, <10.0.16Composer11 Jul 2024
  • M
Improper Access Control		glpi/glpi>=0.85, <10.0.16Composer11 Jul 2024
  • M
Improper Access Control		ssddanbrown/bookstack<24.5.1Composer11 Jul 2024
  • M
Authentication Bypass by Primary Weakness		privatebin/privatebin>=1.5.0, <1.7.4Composer10 Jul 2024
  • M
Cross-Site Request Forgery (CSRF)		limesurvey/limesurvey<6.5.14Composer10 Jul 2024
  • M
SQL Injection		egroupware/egroupware<23.1.20240624Composer8 Jul 2024
  • M
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')		mediawiki/metrolook-skin>=0.0.0Composer8 Jul 2024
  • M
Cross-site Request Forgery (CSRF)		shopxo/shopxo>=0.0.0Composer8 Jul 2024
  • M
Exposure of Data Element to Wrong Session		aimeos/ai-controller-frontend<2020.10.15>=2021.4.1, <2021.10.8>=2022.4.1, <2022.10.8>=2023.4.1, <2023.10.9Composer5 Jul 2024
  • H
Insufficient Granularity of Access Control		aimeos/ai-admin-jsonadm<2020.10.13>=2021.4.1, <2021.10.6>=2022.4.1, <2022.10.3>=2023.4.1, <2023.10.4>=2024.4.1, <2024.4.2Composer5 Jul 2024
  • M
Insufficient Granularity of Access Control		aimeos/ai-admin-graphql<2022.10.10>=2023.4.1, <2023.10.6>=2024.4.1, <2024.4.2Composer5 Jul 2024
  • H
Insufficient Granularity of Access Control		aimeos/ai-admin-graphql<2022.10.10>=2023.4.1, <2023.10.6>=2024.4.1, <2024.4.6Composer5 Jul 2024
  • M
Cross-site Scripting (XSS)		coderberg/residence-cms<2.10.2Composer3 Jul 2024
  • H
Improper Certificate Validation		phpseclib/phpseclib<1.0.22>=2.0.0, <2.0.46>=3.0.0, <3.0.33Composer28 Jun 2024
  • H
SQL Injection		craftcms/cms<3.7.32Composer27 Jun 2024
  • M
URL Redirection to Untrusted Site ('Open Redirect')		october/october>=3.2.0, <3.6.0Composer27 Jun 2024
  • L
Directory Traversal		johnpbloch/wordpress-core>=4.1.0, <4.1.41>=4.2.0, <4.2.38>=4.3.0, <4.3.34>=4.4.0, <4.4.33>=4.5.0, <4.5.32>=4.6.0, <4.6.29>=4.7.0, <4.7.29>=4.8.0, <4.8.25>=4.9.0, <4.9.26>=5.0.0, <5.0.22>=5.1.0, <5.1.19>=5.2.0, <5.2.21>=5.3.0, <5.3.18>=5.4.0, <5.4.16>=5.5.0, <5.5.15>=5.6.0, <5.6.14>=5.7.0, <5.7.12>=5.8.0, <5.8.10>=5.9.0, <5.9.10>=6.0.0, <6.0.9>=6.1.0, <6.1.7>=6.2.0, <6.2.6>=6.3.0, <6.3.5>=6.4.0, <6.4.4>=6.5.0, <6.5.6Composer27 Jun 2024
  • M
Cross-site Scripting (XSS)		johnpbloch/wordpress-core>=5.9.0, <5.9.10>=6.0.0, <6.0.9>=6.1.0, <6.1.7>=6.2.0, <6.2.6>=6.3.0, <6.3.5>=6.4.0, <6.4.5>=6.5.0, <6.5.5Composer27 Jun 2024
  • M
Cross-site Scripting (XSS)		johnpbloch/wordpress>=5.9.0, <5.9.10>=6.0.0, <6.0.9>=6.1.0, <6.1.7>=6.2.0, <6.2.6>=6.3.0, <6.3.5>=6.4.0, <6.4.5>=6.5.0, <6.5.5Composer27 Jun 2024
  • M
Cross-site Scripting (XSS)		johnpbloch/wordpress-core>=5.9.0, <5.9.10>=6.0.0, <6.0.9>=6.1.0, <6.1.7>=6.2.0, <6.2.6>=6.3.0, <6.3.5>=6.4.0, <6.4.5>=6.5.0, <6.5.5Composer27 Jun 2024
  • M
Debug Messages Revealing Unnecessary Information		aimeos/ai-client-html>=2021.10.1, <2021.10.22>=2022.4.1, <2022.10.13>=2023.4.1, <2023.10.15>=2024.4.1, <2024.4.7Composer26 Jun 2024
  • M
Cross-site Scripting (XSS)		anchorcms/anchor-cms>=0.0.0Composer25 Jun 2024
  • M
Resource Exhaustion		vrana/adminer<4.8.4Composer25 Jun 2024
  • M
Server-Side Request Forgery (SSRF)		vrana/adminer<4.8.4Composer25 Jun 2024
  • M
Cross-site Scripting (XSS)		tinymce/tinymce<6.8.4>=7.0.0, <7.2.0Composer25 Jun 2024
  • C
Directory Traversal		vrana/adminer<4.8.3Composer23 Jun 2024
  • M
SQL Injection		jweiland/events2<8.3.8>=9.0.0, <9.0.6Composer21 Jun 2024
  • M
Use of Cache Containing Sensitive Information		jweiland/events2<8.3.8>=9.0.0, <9.0.6Composer21 Jun 2024
  • M
Improper Access Control		jweiland/events2<8.3.8>=9.0.0, <9.0.6Composer21 Jun 2024