Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • M
Cross-site Scripting (XSS)
nilsteampassnet/teampass<2.1.25Composer23 Apr 2025
  • C
SQL Injection
nilsteampassnet/teampass<2.1.25Composer23 Apr 2025
  • M
Cross-site Request Forgery (CSRF)
mantisbt/mantisbt<1.3.11>=2.0.0, <2.3.3>=2.4.0, <2.4.1Composer23 Apr 2025
  • H
Weak Password Recovery Mechanism for Forgotten Password
mantisbt/mantisbt>=1.3.0-rc.2, <1.3.10>=2.0.0, <2.2.4>=2.3.0, <2.3.1Composer23 Apr 2025
  • M
Cross-site Scripting (XSS)
geshi/geshi<1.0.8.11Composer23 Apr 2025
  • H
Directory Traversal
geshi/geshi<1.0.8.11Composer23 Apr 2025
  • M
Cross-site Scripting (XSS)
concrete5/concrete5>=0.0.0Composer22 Apr 2025
  • M
Cross-site Scripting (XSS)
concrete5/concrete5>=0.0.0Composer22 Apr 2025
  • M
Cross-site Scripting (XSS)
concrete5/concrete5>=0.0.0Composer22 Apr 2025
  • M
Cross-site Scripting (XSS)
concrete5/concrete5>=0.0.0Composer22 Apr 2025
  • M
Cross-site Scripting (XSS)
concrete5/concrete5>=0.0.0Composer22 Apr 2025
  • H
Arbitrary Code Injection
typo3/cms>=6.1.0, <6.1.4>=6.0.0, <6.0.9Composer22 Apr 2025
  • M
Cross-site Scripting (XSS)
typo3/cms>=6.2.0, <6.2.16Composer22 Apr 2025
  • M
Open Redirect
typo3/cms>=6.2.0, <6.2.16Composer22 Apr 2025
  • H
Arbitrary Code Injection
typo3/cms>=6.1.0, <6.1.9>=6.0.0, <6.0.14>=4.7.0, <4.7.19>=4.5.0, <4.5.34Composer22 Apr 2025
  • M
Cross-site Scripting (XSS)
typo3/cms>=7.0.0, <7.6.1>=6.2.0, <6.2.16Composer22 Apr 2025
  • H
Arbitrary File Upload
typo3/cms>=6.0.0, <6.0.8>=6.1.0, <6.1.3Composer22 Apr 2025
  • M
Cross-site Scripting (XSS)
concrete5/concrete5>=0.0.0Composer21 Apr 2025
  • M
Cross-site Scripting (XSS)
concrete5/concrete5<5.7.4Composer21 Apr 2025
  • M
Cross-site Scripting (XSS)
concrete5/concrete5>=0.0.0Composer21 Apr 2025
  • M
Cross-site Scripting (XSS)
concrete5/concrete5>=0.0.0Composer21 Apr 2025
  • M
Cross-site Scripting (XSS)
concrete5/concrete5>=0.0.0Composer21 Apr 2025
  • M
Arbitrary Code Injection
billz/raspap-webgui<3.1.0Composer18 Apr 2025
  • H
XML External Entity (XXE) Injection
ibexa/fieldtype-richtext>=4.6.0-beta1, <4.6.19Composer18 Apr 2025
  • H
XML External Entity (XXE) Injection
ezsystems/ezplatform-richtext>=2.3.0-beta1, <2.3.26Composer18 Apr 2025
  • M
Cross-site Request Forgery (CSRF)
wallabag/wallabag<2.6.11Composer18 Apr 2025
  • M
Deserialization of Untrusted Data
yiisoft/yii2>=0.0.0Composer17 Apr 2025
  • L
Missing Authorization
goalgorilla/open_social<12.3.11>=12.4.0, <12.4.10Composer14 Apr 2025
  • M
Missing Authorization
goalgorilla/open_social<12.3.11>=12.4.0, <12.4.10Composer14 Apr 2025
  • M
Cross-site Scripting (XSS)
digimix/wp-svg-upload>=0.0.0Composer14 Apr 2025