Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • M
Insecure Encryption
fuel/core <1.8.1 Composer 10 May, 2018
  • H
Arbitrary Code Execution
fuel/core <1.8.0.4 Composer 10 May, 2018
  • M
Cross-site Scripting (XSS)
drupal/drupal >=8.0.0, <8.4.7,>=8.5.0, <8.5.2 Composer 10 May, 2018
  • H
Arbitrary Code Execution
drupal/drupal <7.59, >=8.0.0,<8.4.8, >=8.5.0,<8.5.3 Composer 10 May, 2018
  • H
Arbitrary Code Execution
drupal/core <7.59,>=8.0, <8.48,>=8.5.0, <8.5.3 Composer 10 May, 2018
  • M
Cross-site Scripting (XSS)
drupal/core >=8.0.0, <8.4.7,>=8.5.0, <8.5.2 Composer 10 May, 2018
  • M
Cross-site Scripting (XSS)
rainlab/user-plugin <=1.4.5 Composer 09 May, 2018
  • M
Access Restriction Bypass
phpmyadmin/phpmyadmin <4.0.10.20,>=4.4.0, <4.7.0 Composer 09 May, 2018
  • M
Cross-site Request Forgery (CSRF)
phpmyadmin/phpmyadmin <4.8.0.1 Composer 02 May, 2018
  • M
Cross-site Scripting (XSS)
drupal/core <8.4.7,>=8.5.0, <8.5.2 Composer 02 May, 2018
  • M
SQL injection
adodb/adodb-php <5.20.12 Composer 30 Apr, 2018
  • M
Access Restriction Bypass
lightsaml/lightsaml <1.3.5 Composer 26 Apr, 2018
  • M
Cross-site Scripting (XSS)
erusev/parsedown <1.7.0 Composer 26 Apr, 2018
  • M
Cross-site Scripting (XSS)
contao/core-bundle >=3.0.0, <3.5.35,>=4.0.0, <4.4.18,>=4.5.0, <4.5.7 Composer 25 Apr, 2018
  • M
Directory Traversal
studio-42/elfinder <2.1.37 Composer 17 Apr, 2018
  • M
Directory Traversal
studio-42/elfinder >2.1.36 Composer 17 Apr, 2018
  • H
File Path Modification
october/october <1.0.413 Composer 17 Apr, 2018
  • H
Arbitrary Code Execution
october/october <1.0.413 Composer 17 Apr, 2018
  • H
Arbitrary Code Injection
october/october <1.0.413 Composer 17 Apr, 2018
  • M
Cross-site Scripting (XSS)
october/october <1.0.413 Composer 17 Apr, 2018
  • H
Cross-site Request Forgery (CSRF)
october/october <1.0.427 Composer 17 Apr, 2018
  • H
Arbitrary Code Execution
october/october <1.0.413 Composer 17 Apr, 2018
  • M
Authentication Bypass
moodle/moodle >=3.3, <3.3.5,>=3.4, <3.4.2 Composer 17 Apr, 2018
  • M
Authentication Bypass
moodle/moodle >=3.1, <3.1.11,>=3.2, <3.2.8,>=3.3, <3.3.5,>=3.4, <3.4.2 Composer 17 Apr, 2018
  • M
Cross-site Scripting (XSS)
dolibarr/dolibarr >=0.0.0 Composer 17 Apr, 2018
  • M
SQL Injection
dolibarr/dolibarr >=0.0.0 Composer 17 Apr, 2018
  • H
Arbitrary Code Injection
slim/slim <2.6.0 Composer 16 Apr, 2018
  • M
Cross-site scripting (XSS)
paypal/merchant-sdk-php <3.12.0 Composer 16 Apr, 2018
  • H
Access Restriction Bypass
kreait/firebase-php >=3.2.0, <3.8.1 Composer 16 Apr, 2018
  • M
SQL Injection
dolibarr/dolibarr <5.0.4 Composer 16 Apr, 2018