Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • M
Cross-site Scripting (XSS)		getformwork/formwork<1.13.0Composer29 May 2024
  • M
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')		magento/community-edition>=2.1, <2.1.15>=2.2, <2.2.6Composer29 May 2024
  • M
Information Exposure Through an Error Message		silverstripe/framework>=3.7.0-rc1, <3.7.1>=4.0.0-rc1, <4.0.5>=4.1.0-rc1, <4.1.3>=4.2.0-rc1, <4.2.2Composer29 May 2024
  • M
Cross-site Scripting (XSS)		silverstripe/comments>=1.3.0, <3.1.1Composer28 May 2024
  • L
Information Exposure		silverstripe/framework>=3.5.5-rc1, <3.7.0>=4.0.3-rc1, <4.0.4>=4.1.0-rc1, <4.1.1Composer28 May 2024
  • H
Unrestricted Upload of File with Dangerous Type		silverstripe/framework>=3.6.5-rc1, <3.6.6>=4.0.3-rc1, <4.0.4>=4.1.0-rc1, <4.1.1Composer28 May 2024
  • M
Information Exposure		silverstripe/framework>=4.0.0-rc1, <4.0.4>=4.1.0rc1, <4.1.1Composer28 May 2024
  • H
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')		silverstripe/framework>=4.0.3-rc1, <4.0.4>=4.1.0-rc1, <4.1.1Composer28 May 2024
  • H
URL Redirection to Untrusted Site ('Open Redirect')		silverstripe/framework>=4.0.0-rc1, <4.0.4>=4.1.0-rc1, <4.1.1Composer28 May 2024
  • M
Privilege Escalation		silverstripe/framework>=3.5.7-rc1, <3.5.8>=3.6.0-rc1, <3.6.6>=4.0.0-rc1, <4.0.4>=4.1.0-rc1, <4.1.1Composer28 May 2024
  • M
Information Exposure		silverstripe/framework>=4.0.0-rc1, <4.0.1Composer28 May 2024
  • H
Missing Encryption of Sensitive Data		silverstripe/framework>=3.5.0-rc1, <3.5.6>=3.6.0-rc1, <3.6.3>=4.0.0-rc1, <4.0.1Composer28 May 2024
  • H
SQL Injection		silverstripe/framework>=3.5.0-rc1, <3.5.6>=3.6.0-rc1, <3.6.3>=4.0.0-rc1, <4.0.1Composer28 May 2024
  • H
Session Fixation		silverstripe/framework>=3.5.0-rc1, <3.5.6>=3.6.0-rc1, <3.6.3Composer28 May 2024
  • M
Cross-site Scripting (XSS)		silverstripe/framework>=3.4.0-rc1, <3.4.6>=3.5.0-rc1, <3.5.4Composer28 May 2024
  • M
Cross-site Scripting (XSS)		silverstripe/framework>=3.4.0-rc1, <3.4.6>=3.5.0-rc1, <3.5.4Composer28 May 2024
  • M
Information Exposure		silverstripe/framework>=3.4.0-rc1, <3.4.6>=3.5.0-rc1, <3.5.4Composer28 May 2024
  • M
Cross-site Scripting (XSS)		silverstripe/framework>=3.1.19-rc1, <3.1.20>=3.2.4-rc1, <3.2.5>=3.3.2-rc1, <3.3.3>=3.4.0-rc1, <3.4.1Composer28 May 2024
  • M
Cross-site Scripting (XSS)		silverstripe/framework>=3.1.19-rc1, <3.1.20>=3.2.4-rc1, <3.2.5>=3.3.2-rc1, <3.3.3>=3.4.0-rc1, <3.4.1Composer28 May 2024
  • M
Cross-site Scripting (XSS)		silverstripe/framework>=3.1.0-rc1, <3.1.21>=3.2.0-rc1, <3.2.6>=3.3.0-rc1, <3.3.4>=3.4.0-rc1, <3.4.2Composer28 May 2024
  • M
Cross-site Scripting (XSS)		silverstripe/framework>=3.4.0-rc1, <3.4.4>=3.5.0-rc1, <3.5.2Composer28 May 2024
  • L
Insufficient Session Expiration		silverstripe/framework>=3.1.19-rc1, <3.1.20>=3.2.4-rc1, <3.2.5>=3.3.2-rc1, <3.3.3>=3.4.0-rc1, <3.4.1Composer28 May 2024
  • M
Cross-site Scripting (XSS)		silverstripe/framework>=3.1.19-rc1, <3.1.20>=3.2.4-rc1, <3.2.5>=3.3.2-rc1, <3.3.3>=3.4.0-rc1, <3.4.1Composer28 May 2024
  • M
Improper Authentication		silverstripe/framework>=3.1.19-rc1, <3.1.20>=3.2.4-rc1, <3.2.5>=3.3.2-rc1, <3.3.3>=3.4.0-rc1, <3.4.1Composer28 May 2024
  • M
Missing Authorization		silverstripe/framework>=3.1.19-rc1, <3.1.20>=3.2.4-rc1, <3.2.5>=3.3.2-rc1, <3.3.3>=3.4.0-rc1, <3.4.1Composer28 May 2024
  • L
Use of a One-Way Hash without a Salt		silverstripe/framework>=3.1.19-rc1, <3.1.20>=3.2.4-rc1, <3.2.5>=3.3.2-rc1, <3.3.3>=3.4.0-rc1, <3.4.1Composer28 May 2024
  • M
Improper Input Validation		silverstripe/framework>=4.0.0-rc1, <4.0.4>=4.1.0-rc1, <4.1.1Composer28 May 2024
  • M
Information Exposure		silverstripe/framework>=4.0.0-rc1, <4.0.4>=4.1.0-rc1, <4.1.1Composer28 May 2024
  • H
SQL Injection		dolibarr/dolibarr>=0.0.0Composer26 May 2024
  • H
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')		dolibarr/dolibarr>=0.0.0Composer26 May 2024