Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • M
Arbitrary URL Rewrite
zendframework/zendframework <2.5.0 Composer 15 Aug, 2018
  • M
Cookie serialization vulnerability
laravel/framework <5.6.30 Composer 13 Aug, 2018
  • M
Arbitrary Class Calling
illuminate/cookie <5.6.30 Composer 13 Aug, 2018
  • M
Cross-site Scripting (XSS)
intelliants/subrion >=0.0.0 Composer 07 Aug, 2018
  • M
Cross-site Scripting (XSS)
intelliants/subrion <4.2.2 Composer 07 Aug, 2018
  • M
Improper Access Control
intelliants/subrion >=0.0.0 Composer 07 Aug, 2018
  • M
Host Header Injection
symphony/symphony <2.7.49,>=2.8.0, <2.8.44,>=3.3.0, <3.3.18,>=3.4.0, <3.4.14,>=4.0.0, <4.0.14,>=4.1.0, <4.1.2 Composer 05 Aug, 2018
  • L
Cross-site Scripting (XSS)
paypal/permissions-sdk-php <=3.9.1 Composer 05 Aug, 2018
  • L
Cross-site Scripting (XSS)
paypal/invoice-sdk-php <=3.9.0 Composer 05 Aug, 2018
  • M
Arbitrary URL Rewrite
zendframework/zend-http <2.8.1 Composer 02 Aug, 2018
  • M
Arbitrary URL Rewrite
zendframework/zend-feed <2.10.3 Composer 02 Aug, 2018
  • M
Arbitrary URL Rewrite
zendframework/zend-diactoros <1.8.4 Composer 02 Aug, 2018
  • L
Access Restriction Bypass
symfony/symfony >=2.7, <2.7.49,>=2.8, <2.8.44,>=3, <3.3.18,>=3.4, <3.4.14,>=4, <4.0.14,>=4.1, <4.1.3 Composer 02 Aug, 2018
  • L
Access Restriction Bypass
symfony/http-foundation >=2.7, <2.7.49,>=2.8, <2.8.44,>=3, <3.3.18,>=3.4, <3.4.14,>=4, <4.0.14,>=4.1, <4.1.3 Composer 02 Aug, 2018
  • M
Cross-site Scripting (XSS)
symfony/symfony <2.7.33,>=2.8.0, <2.8.26,>=3.0.0, <3.2.13,>=3.3.0, <3.3.6 Composer 30 Jul, 2018
  • H
Arbitrary Code Execution
october/october <1.0.437 Composer 30 Jul, 2018
  • M
Cross-site Scripting (XSS)
october/october <1.0.437 Composer 30 Jul, 2018
  • H
Arbitrary Code Execution
moodle/moodle <3.1.13,>=3.3.0, <3.3.7,>=3.4.0, <3.4.4,>=3.5.0, <3.5.1 Composer 30 Jul, 2018
  • M
Information Exposure
moodle/moodle <3.1.13,>=3.3.0, <3.3.7,>=3.4.0, <3.4.4,>=3.5.0, <3.5.1 Composer 30 Jul, 2018
  • M
Information Exposure
moodle/moodle <3.3.7,>=3.4.0, <3.4.4,>=3.5.0, <3.5.1 Composer 30 Jul, 2018
  • M
Cross-site Scripting (XSS)
gleez/cms >=0.0.0 Composer 30 Jul, 2018
  • H
Insecure Deserialization
typo3/cms >=8.5.0, <8.7.17,>=9.0.0, <9.3.2 Composer 23 Jul, 2018
  • H
Insecure Deserialization
typo3/cms-core >=8.5.0, <8.7.17,>=9.0.0, <9.3.2 Composer 23 Jul, 2018
  • H
Arbitrary Code Execution
typo3/cms-core >=8.0.0, <8.7.17,>=9.0.0, <9.3.2 Composer 23 Jul, 2018
  • H
Server Side Template Injection (SSTI)
twig/twig <2.4.4 Composer 23 Jul, 2018
  • H
XML External Entity (XXE) Injection
phpoffice/common <0.2.9 Composer 23 Jul, 2018
  • H
Deserialization of Untrusted Data
phpmyadmin/phpmyadmin <4.0.10.17,>=4.4.0.0, <4.4.15.8,>=4.6.0, <4.6.4 Composer 23 Jul, 2018
  • M
Open Redirect
pagekit/pagekit <1.0.14 Composer 23 Jul, 2018
  • M
Cross-site Request Forgery (CSRF)
gleez/cms >=0.0.0 Composer 23 Jul, 2018
  • M
Cross-site Scripting (XSS)
gleez/cms >=0.0.0 Composer 23 Jul, 2018