Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Show:
Report a new vulnerability
Vulnerability Affects Type Published
  • M
Information Exposure 		gos/web-socket-bundle <1.10.4,>=2.0.0, <2.6.1,>=3.0.0, <3.3.0 Composer 07 Jul, 2020
  • H
Cross-site Scripting (XSS) 		october/october >=1.0.319, <1.0.467 Composer 03 Jul, 2020
  • H
Cross-site Request Forgery (CSRF) 		cakephp/cakephp <4.0.6 Composer 01 Jul, 2020
  • H
Cross-site Scripting (XSS) 		magento/core >=0.0.0 Composer 30 Jun, 2020
  • H
Cross-site Request Forgery (CSRF) 		nukeviet/nukeviet <4.4.01 Composer 24 Jun, 2020
  • H
Cross-site Request Forgery (CSRF) 		nukeviet/nukeviet <4.4.01 Composer 24 Jun, 2020
  • H
Cross-site Request Forgery (CSRF) 		nukeviet/nukeviet <4.4.01 Composer 24 Jun, 2020
  • M
Improper Input Validation 		concrete5/concrete5 <8.5.3 Composer 22 Jun, 2020
  • H
Cross-site Scripting (XSS) 		dolibarr/dolibarr <12.0.0 Composer 21 Jun, 2020
  • H
Cross-site Request Forgery (CSRF) 		woocommerce/woocommerce <3.6.5 Composer 21 Jun, 2020
  • H
Cross-site Request Forgery (CSRF) 		drupal/core >=7.0.0, <7.72,>=8.0.0, <8.8.8,>=8.9.0, <8.9.1,>=9.0.0, <9.0.1 Composer 21 Jun, 2020
  • M
Remote Code Execution (RCE) 		drupal/core >=8.0.0, <8.8.8,>=8.9.0, <8.9.1,>=9.0.0, <9.0.1 Composer 21 Jun, 2020
  • M
Access Restriction Bypass 		drupal/core >=8.0.0, <8.8.8,>=8.9.0, <8.9.1,>=9.0.0, <9.0.1 Composer 21 Jun, 2020
  • M
Directory Traversal 		ec-cube/ec-cube >=3.0.0, <4.0.4 Composer 19 Jun, 2020
  • H
SQL Injection 		dolibarr/dolibarr <12.0.0 Composer 19 Jun, 2020
  • M
Information Exposure 		amphp/http-client >=4.0.0, <4.4.0 Composer 17 Jun, 2020
  • M
Cross-site Scripting (XSS) 		kumbia/framework <1.1.2 Composer 15 Jun, 2020
  • H
Arbitrary Code Execution 		phpmussel/phpmussel >=1.0.0, <1.6.0 Composer 11 Jun, 2020
  • M
Cross-site Scripting (XSS) 		opencart/opencart >=0.0.0 Composer 10 Jun, 2020
  • H
Cross-site Scripting (XSS) 		bolt/bolt <3.7.1 Composer 09 Jun, 2020
  • H
Cross-site Request Forgery (CSRF) 		bolt/bolt <3.7.1 Composer 09 Jun, 2020
  • M
Information Exposure 		facade/ignition <2.0.5 Composer 08 Jun, 2020
  • M
Cross-site Request Forgery (CSRF) 		verbb/comments <1.5.5 Composer 07 Jun, 2020
  • H
Cross-site Scripting (XSS) 		verbb/comments <1.5.5 Composer 07 Jun, 2020
  • M
Cross-site Scripting (XSS) 		verbb/comments <1.5.5 Composer 07 Jun, 2020
  • H
Cross-site Scripting (XSS) 		phplist/phplist3 <3.5.4 Composer 05 Jun, 2020
  • H
Deserialization of Untrusted Data 		ezsystems/ezpublish-kernel >=7.0.0, <7.5.8,>=6.0.0, <6.13.6.4,<5.4.15 Composer 04 Jun, 2020
  • H
Deserialization of Untrusted Data 		ezsystems/ezplatform-kernel <1.0.3 Composer 04 Jun, 2020
  • H
Remote Code Execution (RCE) 		sabberworm/php-css-parser <8.3.1 Composer 04 Jun, 2020
  • M
Cross-site Scripting (XSS) 		elastic/app-search <7.7.0 Composer 04 Jun, 2020