Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- M
Directory TraversalCVE-2026-21857
Affects redaxo/source | Versions <5.20.2
Has fix
ComposerPublished 13 Jan 2026
- H
Allocation of Resources Without Limits or ThrottlingCVE-2025-68456
Affects craftcms/cms | Versions >=3.0.0, <4.16.17>=5.0.0-RC1, <5.8.21
Has fix
ComposerPublished 13 Jan 2026
- H
Unsafe ReflectionCVE-2025-68455
Affects craftcms/cms | Versions >=4.0.0-RC1, <4.16.17>=5.0.0-RC1, <5.8.21
Has fix
ComposerPublished 13 Jan 2026
- M
Server-side Request Forgery (SSRF)CVE-2025-68437
Affects craftcms/cms | Versions >=3.5.0, <4.16.17>=5.0.0-RC1, <5.8.21
Has fix
ComposerPublished 13 Jan 2026
- H
Template InjectionCVE-2025-68454
Affects craftcms/cms | Versions >=4.0.0-RC1, <4.16.17>=5.0.0-RC1, <5.8.21
Has fix
ComposerPublished 13 Jan 2026
- M
Incorrect AuthorizationCVE-2025-68436
Affects craftcms/cms | Versions >=4.0.0-RC1, <4.16.17>=5.0.0-RC1, <5.8.21
Has fix
ComposerPublished 13 Jan 2026
- M
Insufficient Session ExpirationCVE-2025-68954
Affects pterodactyl/panel | Versions <1.12.0
Has fix
ComposerPublished 13 Jan 2026
- M
Incorrect AuthorizationCVE-2026-21896
Affects getkirby/cms | Versions >=5.0.0, <5.2.2
Has fix
ComposerPublished 11 Jan 2026
- M
SQL Injection: HibernateCVE-2026-22242
Affects coreshop/core-bundle | Versions <4.1.8
Has fix
ComposerPublished 8 Jan 2026
- M
Insufficient Session ExpirationCVE-2025-69197
Affects pterodactyl/panel | Versions <1.12.0
Has fix
ComposerPublished 6 Jan 2026
- H
Improper Validation of Specified Quantity in InputCVE-2023-7332
Affects pocketmine/pocketmine-mp | Versions <4.18.1
Has fix
ComposerPublished 1 Jan 2026
- L
Improper Encoding or Escaping of OutputCVE-2025-67746
Affects composer/composer | Versions >=2.0.0, <2.2.26>=2.3.0, <2.9.3
Has fix
ComposerPublished 1 Jan 2026
Affects yourls/yourls | Versions <1.10.3
Has fix
ComposerPublished 31 Dec 2025
- M
Server-side Request Forgery (SSRF)CVE-2025-15264
Affects feehi/cms | Versions >=0.0.0
Has fix
ComposerPublished 31 Dec 2025
- M
Cross-site Scripting (XSS)CVE-2025-69210
Affects facturascripts/facturascripts | Versions <2025.7
Has fix
ComposerPublished 31 Dec 2025
- H
Information ExposureCVE-2025-69200
Affects thorsten/phpmyfaq | Versions <4.0.16>=4.1.0-alpha, <4.1.0-rc
Has fix
ComposerPublished 30 Dec 2025
Affects pterodactyl/panel | Versions <1.12.0
Has fix
ComposerPublished 30 Dec 2025
- M
Cross-site Scripting (XSS)CVE-2025-60796
Affects phppgadmin/phppgadmin | Versions >=0.0.0
Has fix
ComposerPublished 30 Dec 2025
- M
SQL InjectionCVE-2025-60798
Affects phppgadmin/phppgadmin | Versions >=0.0.0
Has fix
ComposerPublished 30 Dec 2025
- M
Access Control BypassCVE-2025-60799
Affects phppgadmin/phppgadmin | Versions >=0.0.0
Has fix
ComposerPublished 30 Dec 2025
- M
SQL InjectionCVE-2025-60797
Affects phppgadmin/phppgadmin | Versions >=0.0.0
Has fix
ComposerPublished 30 Dec 2025
- M
Race ConditionCVE-2025-15116
Affects opencart/opencart | Versions >=0.0.0
Has fix
ComposerPublished 28 Dec 2025
- H
Directory TraversalCVE-2024-42718
Affects croogo/croogo | Versions >=0.0.0
Has fix
ComposerPublished 28 Dec 2025
- H
Command InjectionCVE-2025-13700
Affects dreamfactory/df-core | Versions <1.0.10
Has fix
ComposerPublished 24 Dec 2025
- H
Arbitrary File UploadCVE-2025-51511
Affects cadmium-org/cadmium-cms | Versions >=0.0.0
Has fix
ComposerPublished 24 Dec 2025
- M
Cross-site Scripting (XSS)CVE-2025-67163
Affects simplemachines/smf | Versions >=0.0.0
Has fix
ComposerPublished 21 Dec 2025
- M
CSV InjectionCVE-2023-53929
Affects thorsten/phpmyfaq | Versions <3.1.16
Has fix
ComposerPublished 19 Dec 2025
- M
Cross-site Scripting (XSS)CVE-2025-68461
Affects roundcube/roundcubemail | Versions <1.5.12>=1.6.0, <1.6.12
Has fix
ComposerPublished 19 Dec 2025
- M
Improper Encoding or Escaping of OutputCVE-2025-68460
Affects roundcube/roundcubemail | Versions <1.5.12>=1.6.0, <1.6.12
Has fix
ComposerPublished 19 Dec 2025
- M
Use of a Broken or Risky Cryptographic AlgorithmCVE-2025-14761
Affects aws/aws-sdk-php | Versions <3.368.0
Has fix
ComposerPublished 18 Dec 2025