Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • M
Improper Authentication
symfony/security-http >=5.3.0, <5.3.2 Composer 18 Jun, 2021
  • H
Deserialization of Untrusted Data
civicrm/civicrm-core <5.24.3 Composer 18 Jun, 2021
  • H
Cross-site Request Forgery (CSRF)
civicrm/civicrm-core <5.28.1 Composer 18 Jun, 2021
  • M
Cross-site Scripting (XSS)
moodle/moodle >=0.0.0 Composer 17 Jun, 2021
  • M
Cross-site Scripting (XSS)
pagekit/pagekit >=0.0.0 Composer 17 Jun, 2021
  • C
Arbitrary Code Execution
phpmailer/phpmailer <6.5.0 Composer 17 Jun, 2021
  • C
Arbitrary Code Execution
phpmailer/phpmailer <6.5.0 Composer 17 Jun, 2021
  • C
Remote Code Execution (RCE)
studio-42/elfinder <2.1.59 Composer 15 Jun, 2021
  • H
Remote Code Execution (RCE)
studio-42/elfinder <2.1.58 Composer 13 Jun, 2021
  • M
Cross-site Scripting (XSS)
baserproject/basercms <4.4.5 Composer 09 Jun, 2021
  • M
Cross-site Scripting (XSS)
amazing/media2click >=1.0.0, <1.3.3 Composer 09 Jun, 2021
  • M
Cross-site Scripting (XSS)
tribalsystems/zenario <8.8.53370 Composer 09 Jun, 2021
  • M
SQL Injection
tribalsystems/zenario <8.8.53370 Composer 09 Jun, 2021
  • H
SQL Injection
t3/dce >=2.7.0, <2.7.1,>=2.2.0, <2.6.2 Composer 09 Jun, 2021
  • H
Command Injection
baserproject/basercms <4.4.5 Composer 09 Jun, 2021
  • M
Access Restriction Bypass
silverstripe/graphql >=3.0.0, <3.5.0,>=4.0.0-alpha1, <4.0.0-alpha2 Composer 09 Jun, 2021
  • L
XML External Entity (XXE) Injection
silverstripe/framework >=4.8.0-beta1, <4.8.0,<4.7.4 Composer 09 Jun, 2021
  • L
Improper Input Validation
silverstripe/framework >=4.8.0-beta1, <4.8.0,>=3.0.0, <4.7.4 Composer 09 Jun, 2021
  • M
Cross-site Scripting (XSS)
icecoder/icecoder >=0.0.0 Composer 09 Jun, 2021
  • C
Cross-site Scripting (XSS)
flarum/core >=1.0.0, <1.0.2 Composer 08 Jun, 2021
  • M
Deserialization of Untrusted Data
hillelcoren/invoice-ninja <4.4.0 Composer 07 Jun, 2021
  • M
Cross-site Scripting (XSS)
typo3fluid/fluid <2.0.8,>=2.1.0, <2.1.7,>=2.2.0, <2.2.4,>=2.3.0, <2.3.7,>=2.4.0, <2.4.4,>=2.5.0, <2.5.11,>=2.6.0, <2.6.10 Composer 06 Jun, 2021
  • M
Open Redirect
hyn/multi-tenant >=5.6.0, <5.7.2 Composer 28 May, 2021
  • M
Cross-site Scripting (XSS)
centreon/centreon <21.4.0 Composer 27 May, 2021
  • M
Information Exposure
klaviyo/magento2-extension <3.0.0 Composer 27 May, 2021
  • C
Remote Code Execution (RCE)
codiad/codiad >=0.0.0 Composer 25 May, 2021
  • M
Denial of Service (DoS)
phanan/koel <5.1.4 Composer 25 May, 2021
  • M
Server-side Request Forgery (SSRF)
feehi/cms >=0.0.0 Composer 25 May, 2021
  • M
Cross-site Scripting (XSS)
shopware/shopware >=5.0.0, <5.6.10 Composer 25 May, 2021
  • M
Information Exposure
shopware/shopware >=5.0.0, <5.6.10 Composer 25 May, 2021