Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Show:
Report a new vulnerability
Subscribe to RSS feed
Vulnerability Affects Type Published
  • M
Insecure Encryption 		fuel/core <1.8.1 Composer 10 May, 2018
  • H
Arbitrary Code Execution 		fuel/core <1.8.0.4 Composer 10 May, 2018
  • M
Cross-site Scripting (XSS) 		drupal/drupal >=8.0.0, <8.4.7,>=8.5.0, <8.5.2 Composer 10 May, 2018
  • H
Arbitrary Code Execution 		drupal/drupal <7.59, >=8.0.0,<8.4.8, >=8.5.0,<8.5.3 Composer 10 May, 2018
  • H
Arbitrary Code Execution 		drupal/core <7.59,>=8.0, <8.48,>=8.5.0, <8.5.3 Composer 10 May, 2018
  • M
Cross-site Scripting (XSS) 		drupal/core >=8.0.0, <8.4.7,>=8.5.0, <8.5.2 Composer 10 May, 2018
  • M
Cross-site Scripting (XSS) 		rainlab/user-plugin <=1.4.5 Composer 09 May, 2018
  • M
Access Restriction Bypass 		phpmyadmin/phpmyadmin <4.0.10.20,>=4.4.0, <4.7.0 Composer 09 May, 2018
  • M
Cross-site Request Forgery (CSRF) 		phpmyadmin/phpmyadmin <4.8.0.1 Composer 02 May, 2018
  • M
Cross-site Scripting (XSS) 		drupal/core <8.4.7,>=8.5.0, <8.5.2 Composer 02 May, 2018
  • M
SQL injection 		adodb/adodb-php <5.20.12 Composer 30 Apr, 2018
  • M
Access Restriction Bypass 		lightsaml/lightsaml <1.3.5 Composer 26 Apr, 2018
  • M
Cross-site Scripting (XSS) 		erusev/parsedown <1.7.0 Composer 26 Apr, 2018
  • M
Cross-site Scripting (XSS) 		contao/core-bundle >=3.0.0, <3.5.35,>=4.0.0, <4.4.18,>=4.5.0, <4.5.7 Composer 25 Apr, 2018
  • M
Directory Traversal 		studio-42/elfinder <2.1.37 Composer 17 Apr, 2018
  • M
Directory Traversal 		studio-42/elfinder >2.1.36 Composer 17 Apr, 2018
  • H
File Path Modification 		october/october <1.0.413 Composer 17 Apr, 2018
  • H
Arbitrary Code Execution 		october/october <1.0.413 Composer 17 Apr, 2018
  • H
Arbitrary Code Injection 		october/october <1.0.413 Composer 17 Apr, 2018
  • M
Cross-site Scripting (XSS) 		october/october <1.0.413 Composer 17 Apr, 2018
  • H
Cross-site Request Forgery (CSRF) 		october/october <1.0.427 Composer 17 Apr, 2018
  • H
Arbitrary Code Execution 		october/october <1.0.413 Composer 17 Apr, 2018
  • M
Authentication Bypass 		moodle/moodle >=3.3, <3.3.5,>=3.4, <3.4.2 Composer 17 Apr, 2018
  • M
Authentication Bypass 		moodle/moodle >=3.1, <3.1.11,>=3.2, <3.2.8,>=3.3, <3.3.5,>=3.4, <3.4.2 Composer 17 Apr, 2018
  • M
Cross-site Scripting (XSS) 		dolibarr/dolibarr >=0.0.0 Composer 17 Apr, 2018
  • M
SQL Injection 		dolibarr/dolibarr >=0.0.0 Composer 17 Apr, 2018
  • H
Arbitrary Code Injection 		slim/slim <2.6.0 Composer 16 Apr, 2018
  • M
Cross-site scripting (XSS) 		paypal/merchant-sdk-php <3.12.0 Composer 16 Apr, 2018
  • H
Access Restriction Bypass 		kreait/firebase-php >=3.2.0, <3.8.1 Composer 16 Apr, 2018
  • M
SQL Injection 		dolibarr/dolibarr <5.0.4 Composer 16 Apr, 2018