Vulnerability DB

VULNERABILITY	AFFECTS	TYPE	PUBLISHED
M Path Traversal	contao/core-bundle<4.13.49	Composer	18 Sept 2024
M Improper Input Validation	contao/comments-bundle>=4.13.0, <4.13.49>=5.0.0, <5.3.15>=5.4.0, <5.4.3	Composer	18 Sept 2024
M Cross-site Scripting (XSS)	concrete5/concrete5>=9.0.0, <9.3.4<8.5.19	Composer	17 Sept 2024
M Cross-Site Request Forgery (CSRF)	magento/community-edition<2.4.4-p10>=2.4.5-p1, <2.4.5-p9>=2.4.6-p1, <2.4.6-p7>=2.4.7-p1, <2.4.7-p2	Composer	17 Sept 2024
M Cross-Site Request Forgery (CSRF)	magento/community-edition<2.4.4-p10>=2.4.5-p1, <2.4.5-p9>=2.4.6-p1, <2.4.6-p7>=2.4.7-p1, <2.4.7-p2	Composer	17 Sept 2024
M Improper Authorization	magento/community-edition<2.4.4-p10>=2.4.5-p1, <2.4.5-p9>=2.4.6-p1, <2.4.6-p7>=2.4.7-p1, <2.4.7-p2	Composer	17 Sept 2024
M Cross-Site Request Forgery (CSRF)	magento/community-edition<2.4.4-p10>=2.4.5-p1, <2.4.5-p9>=2.4.6-p1, <2.4.6-p7>=2.4.7-p1, <2.4.7-p2	Composer	17 Sept 2024
H Path Traversal	magento/community-edition>=2.4.7-p1, <2.4.7-p2>=2.4.6-p1, <2.4.6-p7>=2.4.5-p1, <2.4.5-p9<2.4.4-p10	Composer	17 Sept 2024
M Cross-site Scripting (XSS)	damienharper/auditor-bundle<5.2.6	Composer	11 Sept 2024
M Deserialization of Untrusted Data	topthink/framework>=6.1.3	Composer	10 Sept 2024
M Cross-site Scripting (XSS)	craftcms/cms>=5.0.0, <5.1.2	Composer	10 Sept 2024
M Protection Mechanism Failure	twig/twig>=1.0.0, <1.44.8>=2.0.0, <2.16.1>=3.0.0, <3.11.1>=3.12.0, <3.14.0	Composer	10 Sept 2024
H Insecure Defaults	nategood/httpful<1.0.0	Composer	9 Sept 2024
M Cross-site Scripting (XSS)	reportico-web/reportico>=0.0.0	Composer	9 Sept 2024
H Server-Side Request Forgery (SSRF)	gleez/cms>=0.0.0	Composer	9 Sept 2024
M Cross-site Scripting (XSS)	backdrop/backdrop>=0.0.0	Composer	5 Sept 2024
L Cross-site Scripting (XSS)	backdrop/backdrop>=0.0.0	Composer	5 Sept 2024
L Cross-site Scripting (XSS)	backdrop/backdrop>=0.0.0	Composer	5 Sept 2024
M CSV Injection	limesurvey/limesurvey<5.6.68	Composer	4 Sept 2024
H Open Redirect	limesurvey/limesurvey<6.6.1	Composer	4 Sept 2024
H Local File Inclusion	limesurvey/limesurvey>=0.0.0	Composer	4 Sept 2024
M Information Exposure	drupal/core>=8.0.0, <10.2.9>=10.3.0, <10.3.6>=11.0.0, <11.0.5	Composer	30 Aug 2024
M Improper Authorization	getkirby/cms<3.6.6.6>=3.7.0, <3.7.5.5>=3.8.0, <3.8.4.4>=3.9.0, <3.9.8.2>=3.10.0, <3.10.1.1>=4.0.0, <4.3.1	Composer	30 Aug 2024
M Unrestricted Upload of File with Dangerous Type	feehi/feehicms>=0.0.0	Composer	29 Aug 2024
M Unrestricted Upload of File with Dangerous Type	feehi/feehicms>=0.0.0	Composer	29 Aug 2024
M Improper Access Control	in2code/powermail<7.5.0>=8.0.0, <8.5.0>=10.0.0, <10.9.0>=12.0.0, <12.4.0	Composer	29 Aug 2024
M Unrestricted Upload of File with Dangerous Type	feehi/feehicms>=0.0.0	Composer	29 Aug 2024
M Cross-site Scripting (XSS)	phpoffice/phpspreadsheet<1.29.1>=2.0.0, <2.1.0	Composer	29 Aug 2024
M XML External Entity (XXE) Injection	phpoffice/phpspreadsheet<1.29.1>=2.0.0, <2.1.0>=2.2.0, <2.2.1	Composer	29 Aug 2024
M Authorization Bypass Through User-Controlled Key	in2code/powermail<7.5.0>=8.0.0, <8.5.0>=9.0.0, <10.9.0>=12.0.0, <12.4.0	Composer	28 Aug 2024

APPLICATION

OPERATING SYSTEM