Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Show:
Report a new vulnerability
Vulnerability Affects Type Published
  • H
SQL Injection 		shopware >=4.2.0, <5.4.3 Composer 17 Feb, 2019
  • M
Cross-site Scripting (XSS) 		league/commonmark >=0.15.6, <0.18.1 Composer 10 Feb, 2019
  • M
Broken CORS (Cross-Origin Resource Sharing) 		yiisoft/yii2 <2.0.16 Composer 10 Feb, 2019
  • M
Cross-site Scripting (XSS) 		modx/revolution <=2.7.0 Composer 06 Feb, 2019
  • M
Incorrect Access Control 		api-platform/core <2.3.6 Composer 05 Feb, 2019
  • H
Deserialization of Untrusted Data 		mpdf/mpdf <7.1.8 Composer 04 Feb, 2019
  • H
Arbitrary Code Execution 		drupal/drupal >=7.0.0, <7.6.2,>=8.5.0, <8.5.9,>=8.6.0, <8.6.6 Composer 04 Feb, 2019
  • H
Arbitrary Code Execution 		drupal/core >=7.0.0, <7.6.2,>=8.5.0, <8.5.9,>=8.6.0, <8.6.6 Composer 04 Feb, 2019
  • M
Cross-site Scripting (XSS) 		croogo/croogo >=0.0.0 Composer 29 Jan, 2019
  • H
SQL Injection 		phpmyadmin/phpmyadmin >=4.5.0, <4.8.5 Composer 26 Jan, 2019
  • H
Arbitrary File Read 		phpmyadmin/phpmyadmin >=4.0.0, <4.8.5 Composer 26 Jan, 2019
  • M
Information Disclosure 		typo3/cms-core >=8.0.0, <8.7.23,>=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • M
Broken Access Control 		typo3/cms-core >=8.0.0, <8.7.23,>=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • M
Cross-Site Scripting (XSS) 		typo3/cms-core >=8.0.0, <8.7.23,>=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • M
Cross-Site Scripting (XSS) 		typo3/cms-core >=8.0.0, <8.7.23,>=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • M
Cross-Site Scripting (XSS) 		typo3/cms-core >=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • H
Arbitrary Code Execution 		typo3/cms-core >=8.0.0, <8.7.23,>=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • H
Security Misconfiguration 		typo3/cms-core >=8.0.0, <8.7.23,>=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • M
Broken Access Control 		typo3/cms >=8.0.0, <8.7.23,>=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • M
Information Disclosure 		typo3/cms >=8.0.0, <8.7.23,>=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • M
Cross-Site Scripting (XSS) 		typo3/cms >=8.0.0, <8.7.23,>=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • M
Cross-Site Scripting (XSS) 		typo3/cms >=8.0.0, <8.7.23,>=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • M
Cross-Site Scripting (XSS) 		typo3/cms >=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • H
Arbitrary Code Execution 		typo3/cms >=8.0.0, <8.7.23,>=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • H
Security Misconfiguration 		typo3/cms >=8.0.0, <8.7.23,>=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • M
Access Control Bypass 		api-platform/core >=2.2.0, <2.2.10,>=2.3.0, <2.3.6 Composer 20 Jan, 2019
  • M
Arbitrary Code Injection 		woocommerce/woocommerce <3.2.4 Composer 16 Jan, 2019
  • M
Remote Code Execution (RCE) 		pear/archive_tar <1.4.4 Composer 15 Jan, 2019
  • H
Information Exposure 		studio-42/elfinder <2.1.45 Composer 14 Jan, 2019
  • H
Directory Traversal 		topthink/think <1.0.0 Composer 14 Jan, 2019
Subscribe to RSS feed