Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • L
Cross-site Scripting (XSS)
pimcore/admin-ui-classic-bundle<1.7.6Composer8 Apr 2025
  • M
Incorrect Authorization
drupal/core<10.3.13>=10.4.0, <10.4.3>=11.0.0, <11.0.12>=11.1.0, <11.1.3Composer6 Apr 2025
  • M
Cross-site Scripting (XSS)
drupal/core<10.3.14>=10.4.0, <10.4.5>=11.0.0, <11.0.13>=11.1.0, <11.1.5Composer6 Apr 2025
  • L
Improperly Controlled Modification of Dynamically-Determined Object Attributes
drupal/core<10.3.13>=10.4.0, <10.4.3>=11.0.0, <11.0.12>=11.1.0, <11.1.3Composer6 Apr 2025
  • M
Cross-site Scripting (XSS)
drupal/core<10.3.13>=10.4.0, <10.4.3>=11.0.0, <11.0.12>=11.1.0, <11.1.3Composer6 Apr 2025
  • H
Incorrect Behavior Order
api-platform/graphql<4.0.22Composer4 Apr 2025
  • H
Incorrect Behavior Order
api-platform/core<4.0.22Composer4 Apr 2025
  • H
Incorrect Authorization
api-platform/graphql<4.0.22Composer4 Apr 2025
  • H
Incorrect Authorization
api-platform/core<4.0.22Composer4 Apr 2025
  • M
Information Exposure
api-platform/core>=3.2.0, <3.2.5Composer4 Apr 2025
  • M
Cross-site Request Forgery (CSRF)
concrete5/concrete5<8.5.20>=9.0.0RC1, <9.4.0RC2Composer3 Apr 2025
  • H
Server-side Request Forgery (SSRF)
spatie/browsershot>=0.0.0Composer3 Apr 2025
  • M
Deserialization of Untrusted Data
yiisoft/yii2-dev>=0.0.0Composer1 Apr 2025
  • M
Cross-site Scripting (XSS)
clickstorm/cs-seo>=6.0.0, <6.7.0>=7.0.0, <7.4.0>=8.0.0, <8.3.0>=9.0.0, <9.2.0Composer31 Mar 2025
  • M
Cross-site Scripting (XSS)
codingms/additional-tca>=1.7.0, <1.15.17>=1.16.0, <1.16.9Composer30 Mar 2025
  • M
Missing Authorization
tastyigniter/tastyigniter<4.0.0Composer30 Mar 2025
  • M
Missing Authorization
tastyigniter/tastyigniter<4.0.0-beta.1Composer25 Mar 2025
  • L
Omitted Break Statement in Switch
api-platform/core>=3.3.8, <3.3.15Composer25 Mar 2025
  • H
External Control of Assumed-Immutable Web Parameter
sylius/paypal-plugin<1.6.2>=1.7.0, <1.7.2>=2.0.0, <2.0.2Composer20 Mar 2025
  • M
Cross-site Scripting (XSS)
contao/core-bundle>=4.0.0, <4.13.54>=5.0.0, <5.3.30>=5.4.0, <5.5.6Composer19 Mar 2025
  • M
Cross-site Scripting (XSS)
modx/revolution>=0.0.0Composer18 Mar 2025
  • C
Deserialization of Untrusted Data
viames/pair<2.0.0-betaComposer18 Mar 2025
  • M
Allocation of Resources Without Limits or Throttling
pocketmine/pocketmine-mp<5.25.2Composer18 Mar 2025
  • H
External Control of Assumed-Immutable Web Parameter
sylius/paypal-plugin<1.6.1>=1.7.0, <1.7.1>=2.0.0, <2.0.1Composer18 Mar 2025
  • M
Improper Neutralization
macropay-solutions/laravel-crud-wizard-free<3.4.17Composer17 Mar 2025
  • M
Cross-site Scripting (XSS)
microweber/microweber>=0.0.0Composer17 Mar 2025
  • H
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
flarum/core<1.8.10Composer17 Mar 2025
  • H
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
flarum/framework<1.8.10Composer17 Mar 2025
  • M
Improper Authentication
froxlor/froxlor<2.2.6Composer17 Mar 2025
  • M
Cross-site Scripting (XSS)
froxlor/froxlor<2.2.6Composer17 Mar 2025