Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • H
External Control of File Name or Path		aimeos/aimeos-core<2024.04.5Composer6 Jun 2024
  • M
Improper Check for Unusual or Exceptional Conditions		aimeos/ai-client-html>=2020.04.1,<2020.10.27>=2021.04.1,<2021.10.21>=2022.04.1,<2022.10.12>=2023.04.1,<2023.10.14>=2024.04.1,<2024.04.5Composer6 Jun 2024
  • M
Improper Input Validation		moodle/moodle<4.1.10>=4.2.0, <4.2.7>=4.3.0, <4.3.4Composer5 Jun 2024
  • M
Information Exposure		typo3/cms>=6.2.0, <6.2.20Composer5 Jun 2024
  • M
Cross-site Scripting (XSS)		typo3/cms>=6.2.0, <6.2.19Composer5 Jun 2024
  • M
XML External Entity (XXE) Injection		typo3/cms>=7.6.0, <7.6.4>=6.2.0, <6.2.19Composer5 Jun 2024
  • H
Allocation of Resources Without Limits or Throttling		pimcore/pimcore>=11.0.0-ALPHA1, <11.2.4Composer5 Jun 2024
  • C
SQL Injection		typo3/cms>=6.2.0, <6.2.18Composer4 Jun 2024
  • M
Cross-site Scripting		dolibarr/dolibarr<19.0.2Composer4 Jun 2024
  • H
Improper Control of Generation of Code ('Code Injection')		smarty/smarty>=3.0.0, <4.5.3>=5.0.0, <5.1.1Composer4 Jun 2024
  • L
Cleartext Storage of Sensitive Information		statamic/cms>=5.3.0, <5.6.2Composer3 Jun 2024
  • H
Code Injection		yiisoft/yii2<2.0.50Composer3 Jun 2024
  • M
Cross-site Scripting (XSS)		moodle/moodle>=4.0.0, <4.1.10>=4.2.0, <4.2.7>=4.3.0, <4.3.4Composer2 Jun 2024
  • M
Cross-site Scripting (XSS)		moodle/moodle>=4.0.0, <4.1.10>=4.2.0, <4.2.7>=4.3.0, <4.3.4Composer2 Jun 2024
  • M
Cross-site Scripting (XSS)		moodle/moodle>=4.0.0, <4.1.10>=4.2.0, <4.2.7>=4.3.0, <4.3.4Composer2 Jun 2024
  • M
Information Exposure Through Misconfigured Permissions		moodle/moodle>=4.0.0, <4.1.10>=4.2.0, <4.2.7>=4.3.0, <4.3.4Composer2 Jun 2024
  • M
Cross-Site Request Forgery (CSRF)		moodle/moodle>=4.0.0, <4.1.10>=4.2.0, <4.2.7>=4.3.0, <4.3.4Composer2 Jun 2024
  • M
Improper Input Validation		moodle/moodle>=4.3.0, <4.3.4Composer2 Jun 2024
  • M
Information Exposure Through an Error Message		moodle/moodle>=4.0.0, <4.1.10>=4.2.0, <4.2.7>=4.3.0, <4.3.4Composer2 Jun 2024
  • H
Information Exposure Through Directory Listing		moodle/moodle>=4.0.0, <4.1.10>=4.2.0, <4.2.7>=4.3.0, <4.3.4Composer2 Jun 2024
  • M
Information Exposure Through Directory Listing		moodle/moodle>=4.0.0, <4.1.10>=4.2.0, <4.2.7>=4.3.0, <4.3.4Composer2 Jun 2024
  • M
Cross-Site Request Forgery (CSRF)		moodle/moodle>=4.3.0, <4.3.4Composer2 Jun 2024
  • M
Improper Input Validation		moodle/moodle>=4.3.0, <4.3.4Composer2 Jun 2024
  • M
Inappropriate Encoding for Output		moodle/moodle>=4.0.0, <4.1.10>=4.2.0, <4.2.7>=4.3.0, <4.3.4Composer2 Jun 2024
  • M
Cross-Site Request Forgery (CSRF)		moodle/moodle>=4.0.0, <4.1.10>=4.2.0, <4.2.7>=4.3.0, <4.3.4Composer2 Jun 2024
  • M
Reflected Cross-site Scripting		yiisoft/yii2>=2.0.49.3, <2.0.50Composer31 May 2024
  • H
Regular Expression Denial of Service (ReDoS)		tecnickcom/tcpdf<6.7.7Composer30 May 2024
  • M
Path Traversal		twig/twig>=1.0.0, <1.12.3Composer30 May 2024
  • M
Cross-site Request Forgery (CSRF)		sylius/resource-bundle>=1.0.0, <1.0.17>=1.1.0, <1.1.9>=1.2.0, <1.2.2Composer30 May 2024
  • H
SQL Injection		silverstripe/framework>=4.0.0-rc1, <4.0.6>=4.1.0-rc1, <4.1.4>=4.2.0-rc1, <4.2.3Composer29 May 2024