Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • C
Deserialization of Untrusted Data
auth0/auth0-php>=8.0.0-BETA3, <8.14.0Composer4 Jun 2025
  • M
Missing Authorization
mautic/core-lib<5.2.6>=6.0.0-alpha, <6.0.2Composer29 May 2025
  • M
Exposure of Sensitive System Information to an Unauthorized Control Sphere
mautic/core-lib<5.2.6>=6.0.0-alpha, <6.0.2Composer29 May 2025
  • M
Open Redirect
mautic/core-lib<5.2.6>=6.0.0-alpha, <6.0.2Composer29 May 2025
  • M
Timing Attack
mautic/core-lib<5.2.6>=6.0.0-alpha, <6.0.2Composer29 May 2025
  • M
Improper Validation of Specified Quantity in Input
mautic/core-lib<5.2.6>=6.0.0-alpha, <6.0.2Composer29 May 2025
  • M
Cross-site Scripting (XSS)
symfony/ux-twig-component<2.25.1Composer28 May 2025
  • C
Arbitrary File Upload
showdoc/showdoc<2.8.13Composer28 May 2025
  • H
Authorization Bypass Through User-Controlled Key
sjbr/sr-feuser-register>=5.1.0, <12.5.0Composer28 May 2025
  • C
Deserialization of Untrusted Data
sjbr/sr-feuser-register>=5.1.0, <12.5.0Composer28 May 2025
  • C
Arbitrary Code Injection
craftcms/cms>=3.0.0-RC1, <3.9.15>=4.0.0-RC1, <4.14.15>=5.0.0-RC1, <5.6.17Composer26 May 2025
  • M
Cross-site Scripting (XSS)
yeswiki/yeswiki<4.5.4Composer25 May 2025
  • M
Cross-site Scripting (XSS)
yeswiki/yeswiki<4.5.4Composer25 May 2025
  • M
Cross-site Scripting (XSS)
yeswiki/yeswiki<4.5.4Composer25 May 2025
  • M
Cross-site Scripting (XSS)
yeswiki/yeswiki<4.5.4Composer25 May 2025
  • H
Missing Authorization
yeswiki/yeswiki<4.5.4Composer25 May 2025
  • H
Improper Encoding or Escaping of Output
yeswiki/yeswiki<4.5.4Composer25 May 2025
  • M
Cross-site Scripting (XSS)
yeswiki/yeswiki<4.5.4Composer25 May 2025
  • M
Cross-site Scripting (XSS)
couleurcitron/tarteaucitron-wp<0.3.0Composer22 May 2025
  • M
Authorization Bypass Through User-Controlled Key
in2code/femanager>=8.0.0, <8.2.2>=7.0.0, <7.4.2>=6.0.0, <6.4.1>=5.5.0, <5.5.5Composer22 May 2025
  • M
Cross-site Scripting (XSS)
clickstorm/cs-seo>=6.3.0, <6.8.0>=7.0.0, <7.5.0>=8.0.0, <8.4.0>=9.0.0, <9.3.0Composer22 May 2025
  • M
Arbitrary File Upload
typo3/cms-core>=9.0.0, <12.4.31>=13.0.0, <13.4.12Composer22 May 2025
  • H
Authentication Bypass Using an Alternate Path or Channel
typo3/cms-backend>=12.0.0, <12.4.31>=13.0.0, <13.4.12Composer22 May 2025
  • M
Unverified Password Change
typo3/cms-setup>=9.0.0, <12.4.31>=13.0.0, <13.4.12Composer21 May 2025
  • M
Unverified Password Change
typo3/cms-core>=9.0.0, <12.4.31>=13.0.0, <13.4.12Composer21 May 2025
  • M
Cross-site Scripting (XSS)
dnadesign/silverstripe-elemental>=2.1.2, <5.3.12Composer21 May 2025
  • L
Server-side Request Forgery (SSRF)
typo3/cms-webhooks>=12.0.0, <12.4.31>=13.0.0, <13.4.12Composer21 May 2025
  • H
Unverified Ownership
typo3/cms-core>=10.0.0, <12.4.31>=13.0.0, <13.4.12Composer21 May 2025
  • M
Incorrect Authorization
typo3/cms-core>=9.0.0, <12.4.31>=13.0.0, <13.4.12Composer21 May 2025
  • H
Authorization Bypass Through User-Controlled Key
moodle/moodle>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025