Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • M
Information Exposure
moodle/moodle<2.3.10>=2.4.0-rc1, <2.4.7>=2.5.0-beta, <2.5.3Composer21 May 2025
  • L
Use of GET Request Method With Sensitive Query Strings
moodle/moodle>=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025
  • H
Arbitrary Code Injection
moodle/moodle>=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025
  • M
Cross-site Request Forgery (CSRF)
moodle/moodle>=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025
  • M
Cross-site Scripting (XSS)
moodle/moodle>=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025
  • M
Incorrect Authorization
moodle/moodle>=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025
  • M
Incorrect Authorization
moodle/moodle>=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025
  • M
Authorization Bypass Through User-Controlled Key
moodle/moodle>=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025
  • M
Incorrect Authorization
moodle/moodle>=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025
  • H
Arbitrary Code Injection
moodle/moodle>=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025
  • M
Cross-site Request Forgery (CSRF)
moodle/moodle>=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025
  • M
Improper Authentication
moodle/moodle>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025
  • M
Authorization Bypass Through User-Controlled Key
moodle/moodle>=4.1.0-beta, <4.1.18>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer21 May 2025
  • H
Information Exposure
moodle/moodle>=4.5.0-beta, <4.5.3Composer21 May 2025
  • M
Information Exposure
moodle/moodle>=4.5.0-beta, <4.5.4Composer19 May 2025
  • M
Improper Authentication
moodle/moodle>=4.3.0-beta, <4.3.12>=4.4.0-beta, <4.4.8>=4.5.0-beta, <4.5.4Composer19 May 2025
  • M
External Control of Assumed-Immutable Web Parameter
craftcms/cms<4.15.3>=5.0.0-alpha.1, <5.7.5Composer19 May 2025
  • M
Missing Authorization
moodle/moodle>=4.1.0, <4.1.17>=4.3.0-beta, <4.3.11>=4.4.0-beta, <4.4.7>=4.5.0-beta, <4.5.3Composer19 May 2025
  • C
Improper Authentication
auth0/auth0-php>=8.0.0-BETA1, <8.14.0Composer19 May 2025
  • H
XML External Entity (XXE) Injection
sulu/sulu>=2.5.21, <2.5.25>=2.6.5, <2.6.9>=3.0.0-alpha1, <3.0.0-alpha3Composer18 May 2025
  • M
Directory Traversal
getkirby/cms<3.9.8.3>=3.10.0, <3.10.1.2>=4.0.0-alpha.1, <4.7.1Composer15 May 2025
  • M
Directory Traversal
getkirby/cms<3.9.8.3>=3.10.0, <3.10.1.2>=4.0.0-alpha.1, <4.7.1Composer15 May 2025
  • L
Directory Traversal
getkirby/cms<3.9.8.3>=3.10.0, <3.10.1.2>=4.0.0, <4.7.1Composer14 May 2025
  • M
Improper Input Validation
alextselegidis/easyappointments>=0.0.0Composer13 May 2025
  • H
Improper Neutralization of Special Elements Used in a Template Engine
craftcms/cms>=4.0.0-RC1, <4.14.13>=5.0.0-RC1, <5.6.15Composer12 May 2025
  • M
Insertion of Sensitive Information Into Sent Data
phpmyadmin/phpmyadmin>=4.0.10, <4.7.0Composer12 May 2025
  • M
Cross-site Scripting (XSS)
phpmyadmin/phpmyadmin>=4.0.10, <4.7.0Composer12 May 2025
  • H
Server-side Request Forgery (SSRF)
phpmyadmin/phpmyadmin>=4.0.0, <4.7.0Composer11 May 2025
  • M
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
phpmyadmin/phpmyadmin>=4.0.10, <4.7.0Composer9 May 2025
  • C
SQL Injection
web-tp3/wec_map<3.3.0Composer8 May 2025