Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

packagist Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS0zNTh2LWNxamMtMnBjcc4AAXVw
Mautic Cross Site Scripting (XSS) vulnerability
Ecosystems: packagist
Packages: mautic/core
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1meHdtLXJ4NjgtcDV2eM0YRQ
XSS in richtext custom tag attributes in ezsystems/ezplatform-richtext
Ecosystems: packagist
Packages: ezsystems/ezplatform-richtext
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS05bXBmLWczZmMtOXJnds4AAe9p
FriendsOfSymfony FOSUserBundle denial of service via login form
Ecosystems: packagist
Packages: friendsofsymfony/user-bundle
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1yNmZ2LTU2Z3AtajNyNM4AAq1k
Typo3 Cross-Site Scripting in Link Handling
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0yamptLTZ3aHgtcDh3NM4AAYGH
filp whoops Cross-site Scripting vulnerability
Ecosystems: packagist
Packages: filp/whoops
Source: GitHub Advisory Database
Blast Radius: 34.1
Published: about 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU1bW0tNTM5OS03cjYz
Reliance on Cookies without validation in OctoberCMS
Ecosystems: packagist
Packages: october/rain
Source: GitHub Advisory Database
Blast Radius: 18.4
Published: almost 4 years ago
Moderate
GSA_kwCzR0hTQS1ncTc3LTNyNngtMzgzd80ygA
Cross-site Scripting in ShowDoc
Ecosystems: packagist
Packages: showdoc/showdoc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS14NmdxLXZyNTktNHE1cc4AAlAa
KumbiaPHP Cross-site Scripting
Ecosystems: packagist
Packages: kumbiaphp/kumbiapp
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1tZzVoLTlyaHEtNGNxeM0y3g
Cross-site Scripting in ShowDoc
Ecosystems: packagist
Packages: showdoc/showdoc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZwcXYteDlobS0zNWo5
Potential XSS vulnerability in Kitodo.Presentation
Ecosystems: packagist
Packages: kitodo/presentation
Source: GitHub Advisory Database
Blast Radius: 7.3
Published: almost 4 years ago
Moderate
GSA_kwCzR0hTQS1ydzU0LTY4MjYtYzhqNc4AA34O
yiisoft/yii2-authclient's Oauth2 PKCE implementation is vulnerable
Ecosystems: packagist
Packages: yiisoft/yii2-authclient
Source: GitHub Advisory Database
Blast Radius: 21.3
Published: 5 months ago
Moderate
GSA_kwCzR0hTQS14Y2dwLWM2aHAtY2o0cs4AAhkW
Magento 2 Community Edition Path Disclosure
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 5.7
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIyM2YtYzJqNS1yeDJm
Local File read vulnerability in OctoberCMS
Ecosystems: packagist
Packages: october/cms
Source: GitHub Advisory Database
Blast Radius: 12.0
Published: almost 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp2NnYtZnZ2eC00OTMy
Arbitrary File Deletion vulnerability in OctoberCMS
Ecosystems: packagist
Packages: october/cms
Source: GitHub Advisory Database
Blast Radius: 15.5
Published: almost 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQzamotMnJ3Yy0ybTNm
Broken access control on files
Ecosystems: packagist
Packages: silverstripe/framework
Source: GitHub Advisory Database
Blast Radius: 19.3
Published: almost 4 years ago
Moderate
GSA_kwCzR0hTQS05NmhwLTM4d3gtajN3Y84AAx57
Pimcore vulnerable to Cross Site Scripting in Email Blacklist
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1xeGN3LXJmNHYtaHAyNs4AAx56
Pimcore vulnerable to Cross Site Scripting in image/video thumbnail config
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1qanAzLW05M2gtNWptNM0yTg
Cross-site Scripting in microweber
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 4.8
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS12eHZtLXF3dzMtMmZoN84AA1jJ
MongoDB Driver may publish events containing authentication-related data
Ecosystems: swift, npm, packagist
Packages: github.com/mongodb/mongo-swift-driver, mongodb, mongodb/mongodb
Source: GitHub Advisory Database
Blast Radius: 47.0
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS00cXJwLTI3cjMtNjZmas0ylw
Improper sanitize of SVG files during content upload ('Cross-site Scripting') in sylius/sylius
Ecosystems: packagist
Packages: Sylius/Sylius
Source: GitHub Advisory Database
Blast Radius: 17.5
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS00anAzLXEycW0tOWZtd80ykw
Improper Restriction of Rendered UI Layers or Frames in Sylius
Ecosystems: packagist
Packages: sylius/sylius
Source: GitHub Advisory Database
Blast Radius: 17.5
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS0ycDg5LXBwYzItbXJxNM0vow
Cross site scripting in getgrav/grav
Ecosystems: packagist
Packages: getgrav/grav
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS01bXd4LWY2dzYtN3c1cs0wJQ
Cross-site Scripting in GeniXCMS
Ecosystems: packagist
Packages: genix/cms
Source: GitHub Advisory Database
Blast Radius: 3.3
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS14ajdoLWc3cmgtZ2pjd80wUw
Cross-site Scripting in Subrion CMS
Ecosystems: packagist
Packages: intelliants/subrion
Source: GitHub Advisory Database
Blast Radius: 3.7
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS0zZm04LTdncGYtcDhmbc4AAbxG
SocialNetwork Cross-Site Scripting (XSS) vulnerability
Ecosystems: packagist
Packages: movingbytes/social-network
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS00MjdxLWpwOHYtd3c5Nc0Xlg
Cross-site Scripting in kimai2
Ecosystems: packagist
Packages: kevinpapst/kimai2
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS00aHg5LXA5MjUtcWN2N84AAgop
phpBB Server side request forgery (SSRF)
Ecosystems: packagist
Packages: phpbb/phpbb
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1jNHIyLTNmOXItcndwOM4AAilK
Magento 2 Community Weak PRNG
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 5.7
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02bWgyLTk4Z3Itd3Y3Ns4AAiKB
phpBB Cross-Site Request Forgery (CSRF)
Ecosystems: packagist
Packages: phpbb/phpbb
Source: GitHub Advisory Database
Blast Radius: 14.5
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1xcHYyLWp4YzctMzYzOM0rzw
Exposure of Sensitive Information in snipe/snipe-it
Ecosystems: packagist
Packages: snipe/snipe-it
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1jcHFjLWc0cjgtNmh4Z84AAjVP
phpBB Cross-Site Request Forgery (CSRF)
Ecosystems: packagist
Packages: phpbb/phpbb
Source: GitHub Advisory Database
Blast Radius: 9.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS14dmd4LTY2OGotZjY3cM4AAktE
Subrion CMS XSS
Ecosystems: packagist
Packages: intelliants/subrion
Source: GitHub Advisory Database
Blast Radius: 3.7
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS13NXE0LXE3d3AtcXd3Ns4AAhCh
Craft CMS XSS Vulnerability
Ecosystems: packagist
Packages: craftcms/cms
Source: GitHub Advisory Database
Blast Radius: 21.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS13ZzI0LTl4bTktNTkzds4AAjz8
phpBB Cross-Site Request Forgery (CSRF)
Ecosystems: packagist
Packages: phpbb/phpbb
Source: GitHub Advisory Database
Blast Radius: 9.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1qaDY5LTZ2djItd2ZwNc4AAjnZ
Dolibarr ERP and CRM contain XSS Vulnerability
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 4.2
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1mZjV4LTdxZzUtdndmMs4AA3uh
Denial of service caused by infinite recursion when parsing SVG document
Ecosystems: packagist
Packages: phenx/php-svg-lib
Source: GitHub Advisory Database
Blast Radius: 22.9
Published: 5 months ago
Moderate
GSA_kwCzR0hTQS02bTI2LTI1cTItY3E0Ns0vLw
Cross-site Scripting in microweber
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 3.4
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1wN3JtLWdoOWctNWZyOM4AAkx_
Image Resizer Cross-site Scripting (XSS) in the Bulk Resize action
Ecosystems: packagist
Packages: verbb/image-resizer
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1mY3d3LTh3dmMtMzhxOc4AAj_R
phpMyAdmin SQL injection vulnerability
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0yNDN2LTVwZmYtcXFmas4AAtoG
Moodle Open redirect risk in mobile auto-login feature
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS04dnE2LTVmNjYtaHAzcs0vDA
Logic error in dolibarr/dolibarr
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 3.3
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS05OG1mLW1xdzktOXE4cc4AAbO2
Moodle Global search displays user names for unauthenticated users
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1ydzk4LTU4NDYtcHFoeM0sWA
Open redirect in microweber
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 4.3
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS05Y2c0LTRmODctamhtM84AAbOz
Moodle XSS in attachments to evidence of prior learning
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS00bTZ2LXg5ZmotODQ3as4AAW3t
Moodle Cross-site Scripting in the Course summary filter of the Add a new course
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1tMzRtLWZnaDQtdjdjeM4AASao
Moodle External blog editing takeover
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1ncXJwLXFodjgtcGhyds4AARMy
Moodle Cross-site Scripting
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1nNW01LWo0OGctZnIyNM4AAo2f
Moodle Cross Site Scripting (XSS)
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0ybWc5LWh2NjktODk3eM4AAhhO
Moodle Ability to delete glossary entries that belong to another glossary
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 6.1
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1tNHgzLXhtanYtcjc3OM4AAitR
Pimcore Cross-site Scripting (XSS) vulnerability
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 15.2
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1wcjRmLTRwY3gtMnIzaM4AAuZp
Pimcore Cross-site Scripting (XSS)
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS01M202LTQ0cmMtaDJxNc0uRQ
Missing server signature validation in OctoberCMS
Ecosystems: packagist
Packages: october/system
Source: GitHub Advisory Database
Blast Radius: 12.2
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS03cmY4LTlyOGYtcWY1Oc4AAcvl
phpMyAdmin Cross-site scripting (XSS) vulnerability in SQL parser
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS13OHFnLWo5ZnAtaHJqZs4AAcvj
phpMyAdmin Improper Input Validation
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 8.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1yOTkyLXhwaDYtaDd4Ms0reA
Open redirect in microweber
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 4.3
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS12cHE3LW00cW0tcDJncM0sVw
Microweber vulnerable to Improper Validation of Specified Quantity in Input
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS02ajJ2LWc5cmctcWNtNc4AAbZ7
phpMyAdmin Local file exposure through symlinks with UploadDir
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1tMzkyLTIzNWotOXI3cs4AAu1U
TYPO3 CMS vulnerable to User Enumeration via Response Timing
Ecosystems: packagist
Packages: typo3/cms, typo3/cms-core
Source: GitHub Advisory Database
Blast Radius: 19.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS0zcDlqLTQ0MngtaGpwN80t0g
Business Logic Errors in microweber
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 3.7
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1mY2dtLTYycDMtZjdjbc4AAbZ8
phpMyAdmin Local file exposure
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS0zNXdmLTN3cTItcjNoeM4AAx9e
Moodle has Incorrect Default Permissions
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1waGhtLTYzeHgtdjlycs4AAbZy
phpMyAdmin Reflected File Download attack
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 7.4
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS0zaHc1LWZmZmMtcXJnNM4AAbY3
phpMyAdmin Denial of Service (DoS)
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 6.9
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1jNTc5LWhodzUtY3IzcM4AA5c9
Enhavo Cross-site Scripting vulnerability
Ecosystems: packagist
Packages: enhavo/enhavo-app
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1qOWN3LTVjcGotOXFqNc4AAx9i
Moodle has a Hidden Functionality vulnerability
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1ncW1qLWY0Nngtd3Fod84AAXSy
phpMyAdmin Cross-site scripting (XSS) vulnerability in central columns feature
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1naHd3LWN2NHYtaG14eM0s1w
Cross-Site Request Forgery microweber
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS01OXg0LTY3bWgtcHg1NM0s4Q
Crypt_GPG does not prevent additional options in GPG calls
Ecosystems: packagist
Packages: pear/crypt_gpg
Source: GitHub Advisory Database
Blast Radius: 10.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS13bTljLXZjdjItdnBxY84AAVES
phpMyAdmin full path disclosure vulnerability
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1najI2LWc1cWYtanJoN80sYA
Cross-site Scripting in librenms
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 1.6
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1td204LTM2YzUtajVjZs4AAVEP
phpMyAdmin Cross-site scripting (XSS) vulnerability
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1ycDM0LTg1eDMtMzc2NM0r8A
Cross-site Scripting in librenms
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 1.8
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS02MzQ5LTUzdnItN2hjcs4AAmMK
phpMyAdmin Cross-site Scripting (XSS)
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00YzlxLTY0Z3EteGh4NM4AAq4u
phpMyAdmin Cross-Site Request Forgery (CSRF)
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS04d2dqLTZ3eDgtaDVocc3r4Q
Symfony HTTP Foundation web cache poisoning
Ecosystems: packagist
Packages: symfony/symfony, symfony/http-foundation
Source: GitHub Advisory Database
Blast Radius: 37.2
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS01NHFxLTljaGotcnhods0nPQ
Cross-site Scripting in LiveHelperChat
Ecosystems: packagist
Packages: remdex/livehelperchat
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS12andnLTI4Z3YtcG04aM4AA7R7
Pimcore TinyMCE Bundle - tinymce CVE-2024-29203, CVE-2024-29881
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 15.2
Published: 24 days ago
Moderate
GSA_kwCzR0hTQS1teGgzLTI2OTktOThnOc0pxg
Cross-site Scripting pimcore
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1najg1LXB2cDUtbXZmOc0pLQ
Cross-site Scripting in Beanstalk console
Ecosystems: packagist
Packages: ptrofimov/beanstalk_console
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS01N3FmLTgyaGgtMmhtY80pfQ
Cross-site Scripting in LiveHelperChat
Ecosystems: packagist
Packages: remdex/livehelperchat
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1qcWZwLW01ZjgtdmcyOM0clA
Dolibarr Cross Site Scripting (XSS) vulnerability
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 4.2
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS0yN3YyLTM5OHgtZjc0eM4AAQZm
MAGMI cross-site scripting (XSS)
Ecosystems: packagist
Packages: dweeves/magmi
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS00YzY0LXc4ZmcteGNxMs4AAbIO
Yii Cross-site Scripting Framework vulnerability
Ecosystems: packagist
Packages: yiisoft/yii2, yiisoft/yii2-dev
Source: GitHub Advisory Database
Blast Radius: 27.6
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS12bTRwLWdoODIteHE5Ns4AA3Ti
Cross-site Scripting in Admidio
Ecosystems: packagist
Packages: admidio/admidio
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 6 months ago
Moderate
GSA_kwCzR0hTQS1mcThxLTU1djMtMjk4Ns4AAyg5
Pimcore Perspective Editor vulnerable to stored cross-site scripting (XSS) in perspective name
Ecosystems: packagist
Packages: pimcore/perspective-editor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1oNzk4LWg3ZmYtOTN4ds30VA
Moodle Arbitrary Redirect
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS0zZzQzLXg3cXItOTZwaM4AAyE0
Possible CSRF token fixation
Ecosystems: packagist
Packages: prestashop/prestashop
Source: GitHub Advisory Database
Blast Radius: 1.5
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS0yaHc2LTZyZ2YtNzI2ds30Og
Moodle XSS Vulnerability
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1jOHdqLXEzNnEtM3dnNM4AAQK-
phpMyAdmin Arbitrary file read vulnerability
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 6.9
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS04eDQ0LXB3cjItcmdjNs0nMA
Cross-site Scripting in pimcore
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS01bTJoLTdyZjItcnB4Ns4AAuzF
UniSharp Laravel Filemanager directory traversal vulnerability
Ecosystems: packagist
Packages: unisharp/laravel-filemanager
Source: GitHub Advisory Database
Blast Radius: 22.2
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1oanJqLTd3Y2otN2ozY83z_A
Moodle sensitive information disclosure
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 6.1
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS14Yzk3LXI0OXEtY3hnY84AATj3
phpMyAdmin Local file inclusion through transformation feature
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: about 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR2cGMtNWp4NC1jZnFn
User enumeration leak using switch user functionality in Symfony
Ecosystems: packagist
Packages: symfony/symfony, symfony/security-http
Source: GitHub Advisory Database
Blast Radius: 23.3
Published: over 4 years ago
Moderate
GSA_kwCzR0hTQS1mN3E2LXh4cGgtbWZtOM0m0A
Cross-site Scripting in Pimcore
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1jOTU4LTRqOXgtcTd3NM4AAVTj
phpMyAdmin Cross-site Scripting (XSS) in the import dialog
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1xamZ4LWZ2eDctM3d2d84AA3yi
Business Logic Errors in microweber/microweber
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 4.2
Published: 5 months ago
Moderate
GSA_kwCzR0hTQS1ydjZtLWNodnYtd214Z84AAWq1
phpMyAdmin Denial of service (DOS) attack in transformation feature
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS12d3hwLTlxbWYtdzI5Oc0n3Q
Cross-site Scripting in LiveHelperChat
Ecosystems: packagist
Packages: remdex/livehelperchat
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS0yeHBtLWNtdnctM2pjY84AAyKA
Reflected XSS in Application Logger module
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: about 1 year ago
Statistics
Advisories: 18,774
Packages: 8,381
Repositories: 634
Ecosystems: 12
Filter by Severity
Moderate 8,161 High 6,452 Critical 2,849 Low 1,017
Filter by Ecosystem
maven 5,573 packagist 4,003 pypi 3,848 npm 3,557 go 1,935 nuget 1,421 rubygems 815 cargo 780 swift 31 hex 30 actions 16 pub 8
Filter by Package
moodle/moodle 323 magento/community-edition 203 pimcore/pimcore 116 dolibarr/dolibarr 107 typo3/cms 102 phpmyadmin/phpmyadmin 92 microweber/microweber 91 drupal/core 90 typo3/cms-core 77 drupal/drupal 75 thorsten/phpmyfaq 70 librenms/librenms 54 symfony/symfony 53 concrete5/concrete5 52 shopware/platform 48 baserproject/basercms 43 intelliants/subrion 40 showdoc/showdoc 40 craftcms/cms 40 nilsteampassnet/teampass 37 froxlor/froxlor 37 shopware/core 36 silverstripe/framework 32 snipe/snipe-it 32 mautic/core 30 getgrav/grav 29 centreon/centreon 27 shopware/shopware 27 prestashop/prestashop 26 magento/core 24 pocketmine/pocketmine-mp 23 remdex/livehelperchat 23 mediawiki/core 23 getkirby/cms 22 grumpydictator/firefly-iii 22 contao/core-bundle 21 tribalsystems/zenario 20 laravel/framework 19 contao/contao 18 forkcms/forkcms 18 cockpit-hq/cockpit 18 simplesamlphp/simplesamlphp 18 topthink/framework 17 cakephp/cakephp 17 symfony/security 17 francoisjacquet/rosariosis 17 ezsystems/ezpublish-kernel 17 genix/cms 17 yetiforce/yetiforce-crm 16 openmage/magento-lts 15 phpmailer/phpmailer 14 zendframework/zendframework1 14 typo3/cms-backend 14 ec-cube/ec-cube 14 symfony/security-http 14 smarty/smarty 14 codeigniter4/framework 13 bolt/bolt 13 elefant/cms 13 lavalite/cms 13 impresscms/impresscms 13 october/system 13 sylius/sylius 12 dompdf/dompdf 12 phpbb/phpbb 12 phpmyfaq/phpmyfaq 12 studio-42/elfinder 12 feehi/feehicms 11 silverstripe/cms 11 zendframework/zendframework 11 feehi/cms 11 ezsystems/ezplatform-kernel 11 opencart/opencart 10 ezsystems/ezpublish-legacy 10 wwbn/avideo 10 pimcore/admin-ui-classic-bundle 10 admidio/admidio 10 pagekit/pagekit 10 nukeviet/nukeviet 10 wallabag/wallabag 10 kevinpapst/kimai2 9 TinyMCE 9 contao/core 9 funadmin/funadmin 9 ssddanbrown/bookstack 9 tinymce/tinymce 9 october/october 9 tinymce 9 concrete5/core 9 alextselegidis/easyappointments 9 yiisoft/yii2 8 october/cms 8 croogo/croogo 8 facturascripts/facturascripts 8 gilacms/gila 8 pimcore/customer-management-framework-bundle 8 sulu/sulu 8 codiad/codiad 8 flarum/core 7 wpglobus/wpglobus 7 ezsystems/ezplatform-admin-ui 7 mantisbt/mantisbt 7 silverstripe/admin 7 silverstripe/graphql 7 october/backend 7 symfony/http-foundation 7 statamic/cms 7 pterodactyl/panel 7 yiisoft/yii2-dev 6 directmailteam/direct-mail 6 yourls/yourls 6 gleez/cms 6 bagisto/bagisto 6 dweeves/magmi 6 guzzlehttp/guzzle 6 in2code/femanager 6 symfony/http-kernel 6 composer/composer 6 nystudio107/craft-seomatic 6 zoujingli/thinkadmin 6 backdrop/backdrop 6 thinkcmf/thinkcmf 5 silverstripe/assets 5 simplesamlphp/saml2 5 cachethq/cachet 5 automad/automad 5 phpxmlrpc/phpxmlrpc 5 neos/flow 5 billz/raspap-webgui 5 typo3/cms-install 5 elgg/elgg 5 phpseclib/phpseclib 5 neos/neos 5 illuminate/database 5 vrana/adminer 5 symfony/security-core 5 anchorcms/anchor-cms 5 codeigniter/framework 5 pear/archive_tar 5 oro/platform 5 bottelet/flarepoint 5 gugoan/economizzer 5 ibexa/core 5 symfony/security-bundle 4 modx/revolution 4 typo3/html-sanitizer 4 ezsystems/ezplatform 4 oro/commerce 4 phpservermon/phpservermon 4 notrinos/notrinos-erp 4 codeigniter4/shield 4 bref/bref 4 wp-premium/gravityforms 4 idno/known 4 wintercms/winter 4 typo3/cms-frontend 4 kimai/kimai 4 woocommerce/woocommerce 4 appwrite/server-ce 4 magento/product-community-edition 4 friendsofsymfony/user-bundle 4 pyrocms/pyrocms 4 bytefury/crater 4 evolutioncms/evolution 4 spatie/browsershot 4 adodb/adodb-php 4 shopware/storefront 4 sylius/resource-bundle 3 symfony/form 3 amphp/http-client 3 uvdesk/community-skeleton 3 enhavo/enhavo-app 3 zendframework/zendservice-amazon 3 pixelfed/pixelfed 3 zendframework/zendservice-api 3 facade/ignition 3 joomla/joomla-cms 3 twig/twig 3 phenx/php-svg-lib 3 shopxo/shopxo 3 doctrine/orm 3 yiisoft/yii 3 joomla/framework 3 quickapps/cms 3 reportico-web/reportico 3 qcubed/qcubed 3 phpoffice/phpspreadsheet 3 rudloff/alltube 3 ckeditor4 3 verbb/comments 3 icecoder/icecoder 3 typo3/cms-form 3 zencart/zencart 3 processwire/processwire 3 froala/wysiwyg-editor 3 buddypress/buddypress 3 illuminate/auth 3 limesurvey/limesurvey 3 bbpress/bbpress 3 zendframework/zendopenid 3
Filter by Repository
https://github.com/moodle/moodle 210 https://github.com/pimcore/pimcore 111 https://github.com/microweber/microweber 85 https://github.com/thorsten/phpmyfaq 69 https://github.com/Dolibarr/dolibarr 55 https://github.com/symfony/symfony 47 https://github.com/TYPO3/typo3 46 https://github.com/librenms/librenms 46 https://github.com/shopware/platform 43 https://github.com/phpmyadmin/phpmyadmin 38 https://github.com/star7th/showdoc 38 https://github.com/concretecms/concretecms 34 https://github.com/octobercms/october 33 https://github.com/magento/magento2 31 https://github.com/craftcms/cms 29 https://github.com/mautic/mautic 28 https://github.com/snipe/snipe-it 28 https://github.com/froxlor/froxlor 26 https://github.com/shopware/shopware 24 https://github.com/getgrav/grav 24 https://github.com/TYPO3/TYPO3.CMS 24 https://github.com/livehelperchat/livehelperchat 23 https://github.com/pmmp/PocketMine-MP 23 https://github.com/PrestaShop/PrestaShop 22 https://github.com/firefly-iii/firefly-iii 22 https://github.com/baserproject/basercms 22 https://github.com/contao/contao 22 https://github.com/intelliants/subrion 19 https://github.com/nilsteampassnet/teampass 19 https://github.com/nilsteampassnet/TeamPass 18 https://github.com/getkirby/kirby 18 https://github.com/liufee/cms 17 https://github.com/yetiforcecompany/yetiforcecrm 16 https://github.com/forkcms/forkcms 16 https://github.com/OpenMage/magento-lts 15 https://github.com/simplesamlphp/simplesamlphp 15 https://github.com/centreon/centreon 15 https://github.com/laravel/framework 15 https://github.com/cockpit-hq/cockpit 14 https://github.com/PHPMailer/PHPMailer 14 https://github.com/silverstripe/silverstripe-framework 13 https://github.com/dompdf/dompdf 13 https://github.com/centreon/centreon-archived 12 https://github.com/top-think/framework 11 https://github.com/thorsten/phpMyFAQ 11 https://github.com/ezsystems/ezpublish-kernel 11 https://github.com/cakephp/cakephp 11 https://github.com/drupal/core 11 https://github.com/Studio-42/elFinder 11 https://github.com/smarty-php/smarty 11 https://github.com/codeigniter4/CodeIgniter4 10 https://github.com/WWBN/AVideo 10 https://github.com/pimcore/admin-ui-classic-bundle 10 https://github.com/dolibarr/dolibarr 10 https://github.com/Sylius/Sylius 10 https://github.com/semplon/GeniXCMS 9 https://github.com/bolt/bolt 9 https://github.com/yiisoft/yii2 9 https://github.com/neorazorx/facturascripts 9 https://github.com/kevinpapst/kimai2 9 https://github.com/funadmin/funadmin 9 https://github.com/alextselegidis/easyappointments 9 https://github.com/LavaLite/cms 9 https://github.com/tinymce/tinymce 9 https://github.com/francoisjacquet/rosariosis 8 https://github.com/GilaCMS/gila 8 https://github.com/wallabag/wallabag 8 https://github.com/sulu/sulu 8 https://github.com/TribalSystems/Zenario 8 https://github.com/admidio/admidio 8 https://github.com/Froxlor/Froxlor 8 https://github.com/pimcore/customer-data-framework 8 https://github.com/ezsystems/ezplatform-kernel 7 https://github.com/pterodactyl/panel 7 https://github.com/d4wner/Vulnerabilities-Report 7 https://github.com/croogo/croogo 7 https://github.com/flarum/framework 7 https://github.com/mantisbt/mantisbt 7 https://github.com/pagekit/pagekit 7 https://github.com/Codiad/Codiad 7 https://github.com/bookstackapp/bookstack 6 https://github.com/ImpressCMS/impresscms 6 https://github.com/wintercms/winter 6 https://github.com/guzzle/guzzle 6 https://github.com/statamic/cms 6 https://github.com/nystudio107/craft-seomatic 6 https://github.com/oroinc/orocommerce 6 https://gitlab.com/francoisjacquet/rosariosis 6 https://github.com/ezsystems/ezpublish-legacy 6 https://github.com/gleez/cms 6 https://sourceforge.net/projects/phpmyadmin.sourceforge.net 5 https://github.com/composer/composer 5 https://github.com/nukeviet/nukeviet 5 https://github.com/jbroadway/elefant 5 https://github.com/pear/Archive_Tar 5 https://github.com/contao/core 5 https://github.com/dub-flow/vulnerability-research 5 https://github.com/ibexa/core 5 https://github.com/vrana/adminer 5 https://github.com/Bottelet/DaybydayCRM 5 https://github.com/silverstripe/silverstripe-graphql 5 https://github.com/RaspAP/raspap-webgui 5 https://github.com/phpseclib/phpseclib 5 https://github.com/zendframework/zf1 5 https://github.com/gggeek/phpxmlrpc 5 https://github.com/thinkcmf/thinkcmf 5 https://github.com/codeigniter4/shield 4 https://github.com/ezsystems/ezplatform-admin-ui 4 https://github.com/ADOdb/ADOdb 4 https://github.com/spatie/browsershot 4 https://github.com/opencart/opencart 4 https://github.com/ezsystems/ezplatform 4 https://github.com/oroinc/platform 4 https://github.com/yourls/yourls 4 https://github.com/screetsec/VDD 4 https://github.com/kimai/kimai 4 https://github.com/crater-invoice/crater 4 https://github.com/hieuminhnv/Zenario-CMS-last-version 4 https://github.com/fiveai/Cachet 4 https://github.com/phpservermon/phpservermon 4 https://github.com/zoujingli/ThinkAdmin 4 https://github.com/silverstripe/silverstripe-admin 4 https://github.com/LimeSurvey/LimeSurvey 4 https://github.com/brefphp/bref 4 https://github.com/appwrite/appwrite 4 https://github.com/backdrop/backdrop 4 https://github.com/bagisto/bagisto 4 https://github.com/TYPO3/html-sanitizer 4 https://github.com/PrestaShop/productcomments 3 https://github.com/elgg/elgg 3 https://github.com/qcubed/qcubed 3 https://github.com/quickapps/cms 3 https://github.com/belong2yourself/vulnerabilities 3 https://github.com/guzzle/psr7 3 https://github.com/reportico-web/reportico 3 https://github.com/Rudloff/alltube 3 https://github.com/modxcms/revolution 3 https://github.com/dd3x3r/enhavo 3 https://github.com/darylldoyle/svg-sanitizer 3 https://github.com/BookStackApp/BookStack 3 https://github.com/zendframework/zendframework 3 https://github.com/in2code-de/femanager 3 https://github.com/pixelfed/pixelfed 3 https://github.com/twigphp/Twig 3 https://github.com/facade/ignition 3 https://github.com/TYPO3-Solr/ext-solr 3 https://github.com/flarum/core 3 https://github.com/notrinos/notrinoserp 3 https://github.com/uvdesk/community-skeleton 3 https://github.com/verbb/comments 3 https://github.com/oroinc/crm 3 https://github.com/FriendsOfSymfony/FOSUserBundle 3 https://github.com/Athlon1600/php-proxy-app 3 https://github.com/artesaos/seotools 3 https://github.com/Sylius/SyliusResourceBundle 3 https://github.com/liufee/feehicms 3 https://github.com/idno/known 3 https://github.com/concrete5/concrete5 3 https://github.com/TYPO3/phar-stream-wrapper 2 https://github.com/cecilapp/cecil 2 https://github.com/PHPSocialNetwork/phpfastcache 2 https://github.com/filegator/filegator 2 https://github.com/TYPO3/Fluid 2 https://github.com/squizlabs/PHP_CodeSniffer 2 https://github.com/CCCCCrash/POCs 2 https://github.com/ezsystems/repository-forms 2 https://github.com/amphp/http-client 2 https://github.com/laminas/laminas-diactoros 2 https://github.com/woocommerce/woocommerce 2 https://github.com/tpwd/ke_search 2 https://github.com/top-think/thinkphp 2 https://github.com/ezsystems/ezplatform-rest 2 https://github.com/laravel/socialite 2 https://github.com/PrestaShop/blockreassurance 2 https://github.com/api-platform/core 2 https://github.com/bcit-ci/CodeIgniter 2 https://github.com/anchorcms/anchor-cms 2 https://github.com/ethercreative/logs 2 https://github.com/mustgundogdu/Research 2 https://github.com/PrivateBin/PrivateBin 2 https://github.com/munkireport/munkireport-php 2 https://github.com/apereo/phpCAS 2 https://github.com/wp-graphql/wp-graphql 2 https://github.com/livewire/livewire 2 https://github.com/onelogin/php-saml 2 https://github.com/verbb/knock-knock 2 https://github.com/icecoder/ICEcoder 2 https://github.com/nu11secur1ty/CVE-nu11secur1ty 2 https://github.com/FriendsOfSymfony1/symfony1 2 https://github.com/orchidsoftware/platform 2 https://github.com/ckeditor/ckeditor4 2 https://github.com/verbb/image-resizer 2 https://github.com/fuel/core 2 https://github.com/packbackbooks/lti-1-3-php-library 2 https://github.com/paragonie/phpecc 2 https://github.com/aws/aws-sdk-php 2 https://github.com/passbolt/passbolt_api 2 https://github.com/azuracast/azuracast 2 https://github.com/joomla/joomla-cms 2