Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Show:
Report a new vulnerability
Vulnerability Affects Type Published
  • M
Cross Site Scripting (XSS) 		kohana/core <3.3.6 Composer 14 Jun, 2019
  • M
Cross Site Scripting (XSS) 		pagekit/pagekit <1.0.6 Composer 14 Jun, 2019
  • M
Cross Site Scripting (XSS) 		pagekit/pagekit <1.0.14 Composer 14 Jun, 2019
  • M
Cross-site Scripting (XSS) 		yiisoft/yii2-dev <2.0.13 Composer 12 Jun, 2019
  • H
SQL injection 		silverstripe/registry >=2.1.0, <2.1.1,>=2.2.0, <2.2.1 Composer 11 Jun, 2019
  • H
SQL injection 		silverstripe/restfulserver >=1.0.0, <1.0.9,>=2.0.0, <2.0.4,>=2.5.0, <2.1.2 Composer 11 Jun, 2019
  • M
Cross-Site Request Forgery (CSRF) 		silverstripe/framework >=4.0.0, <4.4.0 Composer 11 Jun, 2019
  • H
Cross-site Request Forgery (CSRF) 		phpmyadmin/phpmyadmin <4.9.0 Composer 05 Jun, 2019
  • H
SQL Injection 		phpmyadmin/phpmyadmin <4.8.6 Composer 05 Jun, 2019
  • M
Cross-site Scripting (XSS) 		lartak/humhub >=1.3.12, <1.3.13 Composer 04 Jun, 2019
  • M
Server-side Request Forgery (SSRF) 		phpbb/phpbb <3.2.6 Composer 04 Jun, 2019
  • M
Cross-site Scripting (XSS) 		grandt/relativepath >=0.0.0 Composer 31 May, 2019
  • M
Cross-site Scripting (XSS) 		sylius/grid >=1.0.0, <1.1.0,>=1.1.0, <1.1.19,>=1.2.0, <1.2.18,>=1.3.0, <1.3.13,>=1.4.0, <1.4.5,>=1.5.0, <1.5.1 Composer 22 May, 2019
  • M
Cross-site Scripting (XSS) 		sylius/grid-bundle >=1.0.0, <1.1.0,>=1.1.0, <1.1.19,>=1.2.0, <1.2.18,>=1.3.0, <1.3.13,>=1.4.0, <1.4.5,>=1.5.0, <1.5.1 Composer 22 May, 2019
  • M
Cross-site Scripting (XSS) 		sylius/sylius >=1.0.0, <1.1.0,>=1.1.0, <1.1.18,>=1.2.0, <1.2.17,>=1.3.0, <1.3.12,>=1.4.0, <1.4.4 Composer 22 May, 2019
  • M
Cross-site Scripting (XSS) 		drupal/term_reference_tree >=1.0.0, <1.11.0 Composer 21 May, 2019
  • H
Remote Code Execution (RCE) 		drupal/media >=2.0.0, <2.19.0 Composer 21 May, 2019
  • H
Remote Code Execution (RCE) 		drupal/tmgmt >=1.0.0, <1.7.0 Composer 21 May, 2019
  • H
Remote Code Execution (RCE) 		drupal/video >=1.0.0, <1.4.0 Composer 21 May, 2019
  • M
Arbitrary File Upload 		drupal/uuid >=1.0.0, <1.1.0 Composer 21 May, 2019
  • M
Access Restriction Bypass 		drupal/filefield_sources >=1.0.0, <1.11.0 Composer 21 May, 2019
  • M
Denial of Service (DoS) 		drupal/password_policy >=1.0.0, <1.16.0 Composer 21 May, 2019
  • M
Cross-site Scripting (XSS) 		drupal/bootstrap >=3.0.0, <3.14.0 Composer 21 May, 2019
  • M
Information Disclosure 		drupal/entity >=1.0.0, <1.9.0 Composer 21 May, 2019
  • M
Cross-site Scripting (XSS) 		drupal/eu_cookie_compliance >=1.0.0, <1.1.0 Composer 21 May, 2019
  • M
Access Restriction Bypass 		drupal/workbench_moderation >=1.0.0, <1.4.0 Composer 21 May, 2019
  • M
Directory Traversal 		piwik/piwik >=3.9.0, <3.10.0 Composer 20 May, 2019
  • M
Cross-site Scripting (XSS) 		ezsystems/ezplatform-admin-ui >=1.3.0, <1.3.5,>=1.4.0, <1.4.4 Composer 16 May, 2019
  • M
Server-Side Request Forgery (SSRF) 		iignatov/lightopenid <1.3.0 Composer 10 May, 2019
  • H
Deserialization of Untrusted Data 		typo3/phar-stream-wrapper >=1.0.0, <2.0.1,>=3.0.0, <3.0.1 Composer 09 May, 2019
Subscribe to RSS feed