Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

packagist Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS1mY2oyLXJ4cWMtMjk0Y84AAnQ9
Gravity Forms stored HTML injection vulnerability
Ecosystems: packagist
Packages: wp-premium/gravityforms
Source: GitHub Advisory Database
Blast Radius: 4.9
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS05OGoyLTNqdjctMjc0bc4AAnQi
Mautic stored Cross-site Scripting (XSS)
Ecosystems: packagist
Packages: mautic/core
Source: GitHub Advisory Database
Blast Radius: 4.3
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS00dnAyLW1qNG0tNjltNM4AAnMZ
ThinkAdmin insecure unserialize vulnerability
Ecosystems: packagist
Packages: zoujingli/thinkadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS04N2N2LTU3cDgtajMzeM4AAnBI
OpenCart Cross-site Scripting (XSS) in the Subject field of mail.
Ecosystems: packagist
Packages: opencart/opencart
Source: GitHub Advisory Database
Blast Radius: 5.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS03dnJwLTNwZmYtYzNqNM4AAnA_
OpenCart Stored Cross-Site Scripting
Ecosystems: packagist
Packages: opencart/opencart
Source: GitHub Advisory Database
Blast Radius: 5.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS13d2g4LXYzajMtZ3hmd84AAnAp
WooCommerce Incorrect Authorization
Ecosystems: packagist
Packages: woocommerce/woocommerce
Source: GitHub Advisory Database
Blast Radius: 11.5
Published: almost 2 years ago
High
GSA_kwCzR0hTQS03eDhnLWgyNDYtZ3Z4M84AAm-U
Dolibarr authenticated Remote Code Execution
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 5.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1ydjc0LW1oMjctNGpwds4AAm21
browsershot local file inclusion vulnerability
Ecosystems: packagist
Packages: spatie/browsershot
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: almost 2 years ago
Low
GSA_kwCzR0hTQS0zajZtLW01djUtOTc4Nc4AAm2e
OpenCart Cross-Site Request Forgery (CSRF)
Ecosystems: packagist
Packages: opencart/opencart
Source: GitHub Advisory Database
Blast Radius: 4.1
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1mNXI4LTdoNGYtanI5eM4AAmyP
Moodle incorrect access control
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1tZ2ZwLXFjZjItcHczbc4AAmyM
Moodle stored Cross-site Scripting (XSS)
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00dzRqLTk1MzMtODJxZ84AAmyf
Moodle Cross-site Scripting (XSS)
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS02NnhwLTI4Y3EtbXJmMs4AAmyb
Moodle Denial of Service
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS02d205LTk2Nm0tNzNqcs4AAmwu
EC-CUBE Improper input validation vulnerability
Ecosystems: packagist
Packages: ec-cube/ec-cube
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1yd2g4LWg1MjUtNGp2as4AAmwt
EC-CUBE Improper Restriction of Rendered UI Layers or Frames
Ecosystems: packagist
Packages: ec-cube/ec-cube
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0ybWd4LTIyNngtOHB3ds4AAmob
AVideo vulnerable to Improper Privilege Management
Ecosystems: packagist
Packages: wwbn/avideo
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1wN203LWo4anYtMzkzcc4AAmmO
Magento incorrect permissions vulnerability in the Inventory module
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: almost 2 years ago
Low
GSA_kwCzR0hTQS1tcjhxLTdmNWotd2M3Oc4AAmnC
Magento information disclosure vulnerability
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 4.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS03cHhnLTZwODctOGM5ds4AAmmL
Magento 2 Community Edition RCE via Unsafe File Upload
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1mMmczLTNjNnEtNDQ3OM4AAmmC
Magento 2 Community Edition Incorrect Authorization
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 7.0
Published: almost 2 years ago
Low
GSA_kwCzR0hTQS0zOXJ3LTRtNjYtODJnZs4AAmmH
Magento incorrect user permissions vulnerability within the Inventory component
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1wZjZ3LTNwZnctZnh2d84AAml-
Magento SQL Injection vulnerability
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: almost 2 years ago
Low
GSA_kwCzR0hTQS1yd2Y3LTY1MmYtNzZtds4AAml3
Magento 2 Community Edition vulnerable to Improper Authorization
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1odmY1LTRqcjktZmdoaM4AAmmI
Magento incorrect permissions vulnerability in the Integrations component
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 5.3
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1nN3IzLWp3aHctMndmds4AAmmD
Microweber Insufficient Session Expiry
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: almost 2 years ago
High
GSA_kwCzR0hTQS01bWgyLTgyZzktNzJqds4AAmiZ
Subrion CMS CSRF Vulnerability
Ecosystems: packagist
Packages: intelliants/subrion
Source: GitHub Advisory Database
Blast Radius: 5.3
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1jaDM3LWNoOHctY2Zycc4AAmfP
Bookstack Cross-site Scripting vulnerability
Ecosystems: packagist
Packages: ssddanbrown/bookstack
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1wd2dnLXI2ZnEtbWY5NM4AAmZg
YOURLS Stored Cross Site Scripting (XSS)
Ecosystems: packagist
Packages: yourls/yourls
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1qeGpjLTZ4bWgtaDdtZ84AAmQ0
Magento 2 Community Edition XSS Vulnerability
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS03ZmY0LWN2NTMtNGNqcc4AAmL9
phpMyAdmin SQL injection vulnerability
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 11.5
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02MzQ5LTUzdnItN2hjcs4AAmMK
phpMyAdmin Cross-site Scripting (XSS)
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS01Nnh4LXB2ODgtMjY2Ms4AAmK8
PyroCMS Vulnerable to CSRF
Ecosystems: packagist
Packages: pyrocms/pyrocms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS12ZzJnLTY5OGgtdjl3M84AAmK5
PyroCMS Vulnerable to CSRF
Ecosystems: packagist
Packages: pyrocms/pyrocms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1xcmhxLXg3eGgtMjc4NM4AAmIX
Froala WYSIWYG Editor XSS Vulnerability
Ecosystems: packagist
Packages: froala/wysiwyg-editor
Source: GitHub Advisory Database
Blast Radius: 10.1
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1jNDl2LTM1ZmYtcTlmN84AAmAg
DotPlant2 Improper Restriction of XML External Entity Reference
Ecosystems: packagist
Packages: devgroup/dotplant
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0ycW01LXI4MmctNWhjeM4AAl7V
ThinkAdmin directory traversal vulnerability
Ecosystems: packagist
Packages: zoujingli/thinkadmin
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS04ZjJ4LWh2OXItbWg5cs4AAlzy
silverstripe-advancedreports vulnerable to XSS
Ecosystems: packagist
Packages: silverstripe-australia/advancedreports
Source: GitHub Advisory Database
Blast Radius: 3.7
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0yZ2NwLXh3eGctaHFnM84AAlyr
Dolibarr Unrestricted Upload of File with Dangerous Type
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS04cjJ3LXBoeDQtbWdwds4AAlw2
Dolibarr stored Cross-Site Scripting (XSS) vulnerability
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 4.2
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1nMng0LTI1NnYtNXB2eM4AAltW
Codiad Cross-site Scripting Vulnerability
Ecosystems: packagist
Packages: codiad/codiad
Source: GitHub Advisory Database
Blast Radius: 3.7
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1jM3E4LWhoNjktN21nNc4AAlsr
Codiad SSRF Vulnerability
Ecosystems: packagist
Packages: codiad/codiad
Source: GitHub Advisory Database
Blast Radius: 4.3
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0zNWdwLWp4dzgteHc2aM4AAlsp
Codiad CSRF Vulnerability
Ecosystems: packagist
Packages: codiad/codiad
Source: GitHub Advisory Database
Blast Radius: 5.3
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0yNWgzLW13M3AtdzhyN84AAlrw
Dolibarr CRM allows Privilege Escalation
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 5.1
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1qaG05LWg4NGgtcnc4M84AAlqR
phpBB Server-Side Request Forgery Vulnerability
Ecosystems: packagist
Packages: phpbb/phpbb
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS14Z3A5LWo0OGgtampmOc4AAlfm
Magento observable timing discrepancy vulnerability
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS12cWc3LTh2NngtNTRycc4AAlf3
Magento security mitigation bypass vulnerability
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 7.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1nN3BjLTc5OXEtNzQzZs4AAlf2
Magento DOM-based Cross-site scripting vulnerability
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.5
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1mcjZmLXhtZngtcnJwcc4AAlf1
Magento path traversal vulnerability
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 7.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1yNHBoLW14NjcteDU4cM4AAleY
Shopware database password is leaked to an unauthenticated users
Ecosystems: packagist
Packages: shopware/platform, shopware/shopware, shopware/core
Source: GitHub Advisory Database
Blast Radius: 18.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS01dm1nLXg5OWctMzk2cc4AAld_
Shopware vulnerable to SSRF
Ecosystems: packagist
Packages: shopware/platform
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1meGYzLXd4M2MtNzZwZs4AAleW
Shopware vulnerable to Cross-site Scripting
Ecosystems: packagist
Packages: shopware/platform
Source: GitHub Advisory Database
Blast Radius: 8.5
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1xdnc5LTY1Njctd3E3OM4AAlco
MunkiReport reportdata module SQL injection vulnerability
Ecosystems: packagist
Packages: munkireport/reportdata
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS12YzRmLTJnN2YtcG1xcs4AAlc2
MunkiReport Cross-Site Scripting (XSS) Filter Bypass On Comment
Ecosystems: packagist
Packages: munkireport/munkireport, munkireport/managedinstalls, munkireport/comment
Source: GitHub Advisory Database
Blast Radius: 1.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS03OXhyLXY3OTQtd3EzNc4AAlcx
MunkiReport Managed Installs module Reflected Cross-Site Scripting (XSS) vulnerability
Ecosystems: packagist
Packages: munkireport/munkireport, munkireport/managedinstalls
Source: GitHub Advisory Database
Blast Radius: 1.8
Published: almost 2 years ago
High
GSA_kwCzR0hTQS00cWdoLW05dnAtNDh4cM4AAlcr
MunkiReport Software Update module is vulnerable to SQL injection
Ecosystems: packagist
Packages: munkireport/softwareupdate
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS14OXE0LTVmM2MtY3c2Ms4AAlct
MunkiReport munki_facts module Cross-Site Scripting (XSS) vulnerability
Ecosystems: packagist
Packages: munkireport/munki_facts
Source: GitHub Advisory Database
Blast Radius: 1.8
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS14YzRwLWo4OWMtcDd4Nc4AAlcF
Magento stored cross-site scripting vulnerability
Ecosystems: packagist
Packages: magento/core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS0zMzdjLTNyY2gtcTM1as4AAlcG
Magento php object injection vulnerability
Ecosystems: packagist
Packages: magento/core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1nNXI2LXZybXgtOWd3as4AAlbR
LibreNMS SQL Injection vulnerability
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1wbXhnLXc5YzctZmZtcc4AAlY3
Microweber Discloses Sensitive Information
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0ycHcyLXFwY3AtbTQ3eM4AAlYo
Silverstripe CMS XSS Vulnerability
Ecosystems: packagist
Packages: silverstripe/framework, silverstripe/cms
Source: GitHub Advisory Database
Blast Radius: 19.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1oNzd3LTY1NWYtNmozbc4AAlYn
Silverstripe CMS malicious file upload enables script execution
Ecosystems: packagist
Packages: silverstripe/cms
Source: GitHub Advisory Database
Blast Radius: 29.9
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1nbTV4LWhwbXcteHB4Z84AAlYx
Silverstripe CMS information disclosure
Ecosystems: packagist
Packages: silverstripe/framework, silverstripe/cms
Source: GitHub Advisory Database
Blast Radius: 27.2
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS01ODlxLTc1cjMtbWZxNM4AAlYy
Silverstripe has Incorrect Default Permissions
Ecosystems: packagist
Packages: silverstripe/graphql, silverstripe/recipe-cms
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1nZzQ4LW1wcDgtY2dxY84AAlP3
ke_search for Typo3 XSS Vulnerability
Ecosystems: packagist
Packages: tpwd/ke_search
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0yM2ZtLXY4OTUtM3F4cc4AAlQF
jh_captcha for Typo3 XSS Vulnerability
Ecosystems: packagist
Packages: haffner/jh_captcha
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS01ajR3LXY4N20tOHI2Nc4AAlK_
Magento business logic error vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS02dzI5LXg1ajQtcWhyd84AAlK8
Magento security mitigation bypass vulnerability
Ecosystems: packagist
Packages: magento/community-edition, magento/core
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1nZmZ4LTlmMzYtcjh3cM4AAlLD
Magento security mitigation bypass vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS13N3JoLTl3NXYtcndxas4AAlKh
Magento defense-in-depth security mitigation vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1jM200LWh4djktNG14as4AAlKP
Magento command injection vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1jNTVoLTdxNGotZzZycc4AAlKQ
Magento command injection vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00NWg0LTZnY2otNmh3ds4AAlKO
Magento Stored cross-site scripting
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: almost 2 years ago
High
GSA_kwCzR0hTQS04d203LWgycWgtZmY0Y84AAlKU
Magento authorization bypass vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1qMnI0LTJjcjYtaDNyM84AAlKd
Magento Signature verification bypass
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 7.8
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS01NWd2LWhmZzMtaHdqcc4AAlKV
Magento Defense-in-depth security mitigation vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1qMmpwLTU4Z3YtZzJwZ84AAlLP
Magento Security mitigation bypass vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02ODl3LTJmOTMtMng2N84AAlKJ
Magento stored cross-site scripting vulnerability
Ecosystems: packagist
Packages: magento/community-edition, magento/core
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS03MjR4LWdxaHYtOWM1eM4AAlJ-
Magento command injection vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS00Zjd4LWdqcWMtcXFwZ84AAlKL
Magento command injection vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS12cnAzLXdjMjgtcWcyaM4AAlKN
Magento Security mitigation bypass vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0ydzJ4LTdxZ2otNHg3OM4AAlJ8
Magento stored cross-site scripting vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1yMzQ1LXg4aHItMnI5cM4AAlIX
acf-to-rest-api plugin insecure direct object reference (IDOR) via permalink manipulation
Ecosystems: packagist
Packages: airesvsg/acf-to-rest-api
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1jMnB4LWpjZ3ctOXg1N84AAlHz
NukeViet Cross-Site Request Forgery (CSRF)
Ecosystems: packagist
Packages: nukeviet/nukeviet
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS03cnc1LTZwcjQtZmdoM84AAlHk
NukeViet Cross-Site Request Forgery (CSRF)
Ecosystems: packagist
Packages: nukeviet/nukeviet
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1nM3hmLTg1d2MtNDVncc4AAlHZ
NukeViet Cross-Site Request Forgery (CSRF)
Ecosystems: packagist
Packages: nukeviet/nukeviet
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1oeDc5LXg4N2MtaGdtM84AAlGK
EC-CUBE Directory traversal vulnerability
Ecosystems: packagist
Packages: ec-cube/ec-cube
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1tMzk2LTJ4M2gtdjN2NM4AAlGL
Dolibarr reflected cross-site scripting (XSS) vulnerability
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1yY21mLTg4cDQtOXdyZ84AAlFm
WooCommerce Cross-Site Request Forgery (CSRF)
Ecosystems: packagist
Packages: woocommerce/woocommerce
Source: GitHub Advisory Database
Blast Radius: 19.1
Published: almost 2 years ago
High
GSA_kwCzR0hTQS04djd2LTZtbW0teGp4bc4AAlC9
Dolibarr SQL injection vulnerability in accountancy/customer/card.php
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS14NmdxLXZyNTktNHE1cc4AAlAa
KumbiaPHP Cross-site Scripting
Ecosystems: packagist
Packages: kumbiaphp/kumbiapp
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1wOXF3LWZoMzgteDM3Zs4AAk5J
OpenCart Cross-site Scripting
Ecosystems: packagist
Packages: opencart/opencart
Source: GitHub Advisory Database
Blast Radius: 5.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00cjhjLXBqN3gtbTVqeM4AAk3-
Comments plugin Cross-Site Request Forgery (CSRF)
Ecosystems: packagist
Packages: verbb/comments
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1qaGhmLWM4NDktM3JoMs4AAk37
Comments plugin stored Cross-site Scripting via a guest name
Ecosystems: packagist
Packages: verbb/comments
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02OXd3LXd2M2otbWhnNM4AAk4A
Comments plugin stored Cross-site Scripting (XSS) via an asset volume name
Ecosystems: packagist
Packages: verbb/comments
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1tOTgzLXE3NmctY3dwcc4AAk0g
Gravity Forms plugin leak hashed passwords
Ecosystems: packagist
Packages: wp-premium/gravityforms
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1td3hoLTZqOXYtNDVwaM4AAkzb
bbPress unauthenticated privilege-escalation
Ecosystems: packagist
Packages: bbpress/bbpress
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS03NGdjLWhmMzMtNTM1M84AAkyp
Fork CMS Cross-site Scripting Vulnerability
Ecosystems: packagist
Packages: forkcms/forkcms
Source: GitHub Advisory Database
Blast Radius: 3.7
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1tNjlyLTRoNjgteHE3as4AAkyr
Knock Knock plugin Open redirection vulnerability
Ecosystems: packagist
Packages: verbb/knock-knock
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1oNXF2LXAzNzgtM2hocs4AAkyV
Centreon Sensitive Data Exposure vulnerability
Ecosystems: packagist
Packages: centreon/centreon
Source: GitHub Advisory Database
Blast Radius: 2.1
Published: almost 2 years ago
Statistics
Advisories: 18,372
Packages: 8,294
Repositories: 607
Ecosystems: 12
Filter by Severity
Moderate 7,930 High 6,358 Critical 2,810 Low 985
Filter by Ecosystem
maven 5,531 packagist 3,811 pypi 3,712 npm 3,543 go 1,896 nuget 1,390 rubygems 814 cargo 777 swift 31 hex 30 actions 16 pub 8
Filter by Package
moodle/moodle 323 magento/community-edition 182 pimcore/pimcore 116 dolibarr/dolibarr 107 typo3/cms 102 phpmyadmin/phpmyadmin 92 microweber/microweber 91 drupal/core 76 typo3/cms-core 73 thorsten/phpmyfaq 70 drupal/drupal 61 librenms/librenms 54 symfony/symfony 53 concrete5/concrete5 52 shopware/platform 48 baserproject/basercms 43 showdoc/showdoc 40 craftcms/cms 40 intelliants/subrion 40 nilsteampassnet/teampass 37 froxlor/froxlor 36 shopware/core 36 silverstripe/framework 32 snipe/snipe-it 32 mautic/core 29 getgrav/grav 28 shopware/shopware 27 centreon/centreon 27 magento/core 24 prestashop/prestashop 24 pocketmine/pocketmine-mp 23 remdex/livehelperchat 23 grumpydictator/firefly-iii 22 getkirby/cms 22 contao/core-bundle 21 forkcms/forkcms 18 tribalsystems/zenario 18 simplesamlphp/simplesamlphp 18 contao/contao 18 cakephp/cakephp 17 cockpit-hq/cockpit 17 genix/cms 17 francoisjacquet/rosariosis 17 symfony/security 17 topthink/framework 16 yetiforce/yetiforce-crm 16 openmage/magento-lts 15 symfony/security-http 14 typo3/cms-backend 14 phpmailer/phpmailer 14 zendframework/zendframework1 14 ec-cube/ec-cube 14 ezsystems/ezpublish-kernel 14 smarty/smarty 14 impresscms/impresscms 13 codeigniter4/framework 13 bolt/bolt 13 elefant/cms 13 lavalite/cms 13 october/system 13 dompdf/dompdf 12 phpbb/phpbb 12 studio-42/elfinder 12 phpmyfaq/phpmyfaq 12 feehi/feehicms 11 feehi/cms 11 zendframework/zendframework 11 silverstripe/cms 11 sylius/sylius 10 wwbn/avideo 10 admidio/admidio 10 opencart/opencart 10 nukeviet/nukeviet 10 pimcore/admin-ui-classic-bundle 10 wallabag/wallabag 10 laravel/framework 10 ezsystems/ezplatform-kernel 10 pagekit/pagekit 10 tinymce 9 funadmin/funadmin 9 ssddanbrown/bookstack 9 concrete5/core 9 TinyMCE 9 alextselegidis/easyappointments 9 october/october 9 kevinpapst/kimai2 9 tinymce/tinymce 9 yiisoft/yii2 8 october/cms 8 sulu/sulu 8 codiad/codiad 8 facturascripts/facturascripts 8 pimcore/customer-management-framework-bundle 8 gilacms/gila 8 croogo/croogo 8 symfony/http-foundation 7 wpglobus/wpglobus 7 silverstripe/graphql 7 flarum/core 7 statamic/cms 7 silverstripe/admin 7 pterodactyl/panel 7 october/backend 7 zoujingli/thinkadmin 6 directmailteam/direct-mail 6 dweeves/magmi 6 yiisoft/yii2-dev 6 guzzlehttp/guzzle 6 bagisto/bagisto 6 yourls/yourls 6 in2code/femanager 6 contao/core 6 gleez/cms 6 symfony/http-kernel 6 composer/composer 6 nystudio107/craft-seomatic 6 backdrop/backdrop 6 vrana/adminer 5 phpxmlrpc/phpxmlrpc 5 symfony/security-core 5 ibexa/core 5 thinkcmf/thinkcmf 5 silverstripe/assets 5 simplesamlphp/saml2 5 cachethq/cachet 5 elgg/elgg 5 automad/automad 5 ezsystems/ezplatform-admin-ui 5 billz/raspap-webgui 5 pear/archive_tar 5 gugoan/economizzer 5 bottelet/flarepoint 5 anchorcms/anchor-cms 5 typo3/cms-install 5 phpseclib/phpseclib 5 oro/platform 5 idno/known 4 wintercms/winter 4 woocommerce/woocommerce 4 typo3/cms-frontend 4 notrinos/notrinos-erp 4 evolutioncms/evolution 4 bytefury/crater 4 codeigniter4/shield 4 typo3/html-sanitizer 4 oro/commerce 4 symfony/security-bundle 4 wp-premium/gravityforms 4 modx/revolution 4 spatie/browsershot 4 bref/bref 4 magento/product-community-edition 4 pyrocms/pyrocms 4 phpservermon/phpservermon 4 shopware/storefront 4 appwrite/server-ce 4 adodb/adodb-php 3 bbpress/bbpress 3 ezsystems/ezpublish-legacy 3 artesaos/seotools 3 joomla/framework 3 zendframework/zendrest 3 zencart/zencart 3 kimai/kimai 3 zendframework/zendservice-audioscrobbler 3 pixelfed/pixelfed 3 buddypress/buddypress 3 codeigniter/framework 3 mantisbt/mantisbt 3 twig/twig 3 tecnickcom/tcpdf 3 zendframework/zendservice-nirvanix 3 apache-solr-for-typo3/solr 3 limesurvey/limesurvey 3 symfony/form 3 zendframework/zendservice-slideshare 3 zendframework/zendservice-technorati 3 zendframework/zendservice-windowsazure 3 zendframework/zendservice-amazon 3 illuminate/database 3 phpoffice/phpspreadsheet 3 qcubed/qcubed 3 typo3/cms-form 3 quickapps/cms 3 prestashop/productcomments 3 verbb/comments 3 icecoder/icecoder 3 sylius/resource-bundle 3 facade/ignition 3 uvdesk/community-skeleton 3 enshrined/svg-sanitize 3 joomla/joomla-cms 3 yiisoft/yii 3 flarum/framework 3 verot/class.upload.php 3 ckeditor4 3 phenx/php-svg-lib 3 processwire/processwire 3 enhavo/enhavo-app 3 froala/wysiwyg-editor 3
Filter by Repository
https://github.com/moodle/moodle 210 https://github.com/pimcore/pimcore 111 https://github.com/microweber/microweber 85 https://github.com/thorsten/phpmyfaq 69 https://github.com/Dolibarr/dolibarr 55 https://github.com/symfony/symfony 47 https://github.com/librenms/librenms 46 https://github.com/shopware/platform 43 https://github.com/TYPO3/typo3 42 https://github.com/phpmyadmin/phpmyadmin 38 https://github.com/star7th/showdoc 38 https://github.com/concretecms/concretecms 34 https://github.com/octobercms/october 33 https://github.com/magento/magento2 31 https://github.com/craftcms/cms 29 https://github.com/snipe/snipe-it 28 https://github.com/mautic/mautic 27 https://github.com/froxlor/froxlor 26 https://github.com/TYPO3/TYPO3.CMS 24 https://github.com/shopware/shopware 24 https://github.com/pmmp/PocketMine-MP 23 https://github.com/livehelperchat/livehelperchat 23 https://github.com/getgrav/grav 23 https://github.com/baserproject/basercms 22 https://github.com/firefly-iii/firefly-iii 22 https://github.com/contao/contao 22 https://github.com/PrestaShop/PrestaShop 20 https://github.com/nilsteampassnet/teampass 19 https://github.com/intelliants/subrion 19 https://github.com/nilsteampassnet/TeamPass 18 https://github.com/getkirby/kirby 18 https://github.com/liufee/cms 17 https://github.com/yetiforcecompany/yetiforcecrm 16 https://github.com/forkcms/forkcms 16 https://github.com/centreon/centreon 15 https://github.com/simplesamlphp/simplesamlphp 15 https://github.com/OpenMage/magento-lts 15 https://github.com/PHPMailer/PHPMailer 14 https://github.com/cockpit-hq/cockpit 14 https://github.com/dompdf/dompdf 13 https://github.com/silverstripe/silverstripe-framework 13 https://github.com/centreon/centreon-archived 12 https://github.com/thorsten/phpMyFAQ 11 https://github.com/drupal/core 11 https://github.com/cakephp/cakephp 11 https://github.com/Studio-42/elFinder 11 https://github.com/smarty-php/smarty 11 https://github.com/codeigniter4/CodeIgniter4 10 https://github.com/ezsystems/ezpublish-kernel 10 https://github.com/dolibarr/dolibarr 10 https://github.com/top-think/framework 10 https://github.com/WWBN/AVideo 10 https://github.com/pimcore/admin-ui-classic-bundle 10 https://github.com/tinymce/tinymce 9 https://github.com/alextselegidis/easyappointments 9 https://github.com/semplon/GeniXCMS 9 https://github.com/yiisoft/yii2 9 https://github.com/funadmin/funadmin 9 https://github.com/LavaLite/cms 9 https://github.com/bolt/bolt 9 https://github.com/laravel/framework 9 https://github.com/kevinpapst/kimai2 9 https://github.com/neorazorx/facturascripts 9 https://github.com/pimcore/customer-data-framework 8 https://github.com/admidio/admidio 8 https://github.com/sulu/sulu 8 https://github.com/Sylius/Sylius 8 https://github.com/francoisjacquet/rosariosis 8 https://github.com/Froxlor/Froxlor 8 https://github.com/GilaCMS/gila 8 https://github.com/wallabag/wallabag 8 https://github.com/d4wner/Vulnerabilities-Report 7 https://github.com/Codiad/Codiad 7 https://github.com/ezsystems/ezplatform-kernel 7 https://github.com/pterodactyl/panel 7 https://github.com/flarum/framework 7 https://github.com/pagekit/pagekit 7 https://github.com/croogo/croogo 7 https://github.com/ImpressCMS/impresscms 6 https://github.com/bookstackapp/bookstack 6 https://github.com/TribalSystems/Zenario 6 https://github.com/statamic/cms 6 https://github.com/guzzle/guzzle 6 https://gitlab.com/francoisjacquet/rosariosis 6 https://github.com/wintercms/winter 6 https://github.com/gleez/cms 6 https://github.com/nystudio107/craft-seomatic 6 https://github.com/oroinc/orocommerce 6 https://sourceforge.net/projects/phpmyadmin.sourceforge.net 5 https://github.com/Bottelet/DaybydayCRM 5 https://github.com/ibexa/core 5 https://github.com/jbroadway/elefant 5 https://github.com/silverstripe/silverstripe-graphql 5 https://github.com/RaspAP/raspap-webgui 5 https://github.com/dub-flow/vulnerability-research 5 https://github.com/composer/composer 5 https://github.com/zendframework/zf1 5 https://github.com/vrana/adminer 5 https://github.com/gggeek/phpxmlrpc 5 https://github.com/thinkcmf/thinkcmf 5 https://github.com/pear/Archive_Tar 5 https://github.com/phpseclib/phpseclib 5 https://github.com/nukeviet/nukeviet 5 https://github.com/fiveai/Cachet 4 https://github.com/phpservermon/phpservermon 4 https://github.com/TYPO3/html-sanitizer 4 https://github.com/zoujingli/ThinkAdmin 4 https://github.com/silverstripe/silverstripe-admin 4 https://github.com/LimeSurvey/LimeSurvey 4 https://github.com/codeigniter4/shield 4 https://github.com/bagisto/bagisto 4 https://github.com/appwrite/appwrite 4 https://github.com/backdrop/backdrop 4 https://github.com/oroinc/platform 4 https://github.com/spatie/browsershot 4 https://github.com/crater-invoice/crater 4 https://github.com/opencart/opencart 4 https://github.com/yourls/yourls 4 https://github.com/ezsystems/ezplatform-admin-ui 4 https://github.com/brefphp/bref 4 https://github.com/screetsec/VDD 4 https://github.com/hieuminhnv/Zenario-CMS-last-version 4 https://github.com/quickapps/cms 3 https://github.com/kimai/kimai 3 https://github.com/elgg/elgg 3 https://github.com/qcubed/qcubed 3 https://github.com/oroinc/crm 3 https://github.com/PrestaShop/productcomments 3 https://github.com/modxcms/revolution 3 https://github.com/Rudloff/alltube 3 https://github.com/idno/known 3 https://github.com/facade/ignition 3 https://github.com/mantisbt/mantisbt 3 https://github.com/notrinos/notrinoserp 3 https://github.com/pixelfed/pixelfed 3 https://github.com/guzzle/psr7 3 https://github.com/darylldoyle/svg-sanitizer 3 https://github.com/dd3x3r/enhavo 3 https://github.com/liufee/feehicms 3 https://github.com/in2code-de/femanager 3 https://github.com/flarum/core 3 https://github.com/Sylius/SyliusResourceBundle 3 https://github.com/verbb/comments 3 https://github.com/BookStackApp/BookStack 3 https://github.com/zendframework/zendframework 3 https://github.com/uvdesk/community-skeleton 3 https://github.com/ADOdb/ADOdb 3 https://github.com/Athlon1600/php-proxy-app 3 https://github.com/artesaos/seotools 3 https://github.com/TYPO3-Solr/ext-solr 3 https://github.com/belong2yourself/vulnerabilities 3 https://github.com/twigphp/Twig 3 https://github.com/concrete5/concrete5 3 https://github.com/PHPOffice/PhpSpreadsheet 2 https://github.com/uasoft-indonesia/badaso 2 https://github.com/phpmyadmin/composer 2 https://github.com/UniSharp/laravel-filemanager 2 https://github.com/phpbb/phpbb 2 https://github.com/FriendsOfSymfony1/symfony1 2 https://github.com/verbb/image-resizer 2 https://github.com/packbackbooks/lti-1-3-php-library 2 https://github.com/TYPO3/phar-stream-wrapper 2 https://github.com/PHPSocialNetwork/phpfastcache 2 https://github.com/TYPO3/Fluid 2 https://github.com/tpwd/ke_search 2 https://github.com/top-think/thinkphp 2 https://github.com/filegator/filegator 2 https://github.com/PrestaShop/blockreassurance 2 https://github.com/ezsystems/ezpublish-legacy 2 https://github.com/ezsystems/ezplatform-rest 2 https://github.com/PrivateBin/PrivateBin 2 https://github.com/thephpleague/commonmark 2 https://github.com/ptrofimov/beanstalk_console 2 https://github.com/bolt/core 2 https://github.com/kitodo/kitodo-presentation 2 https://github.com/KnpLabs/snappy 2 https://github.com/laminas/laminas-diactoros 2 https://github.com/z-song/laravel-admin 2 https://github.com/Admidio/admidio 2 https://github.com/YOURLS/YOURLS 2 https://github.com/akeneo/pim-community-dev 2 https://github.com/icecoder/ICEcoder 2 https://github.com/yiisoft/yii2-authclient 2 https://github.com/yiisoft/yii 2 https://github.com/ibexa/admin-ui 2 https://github.com/alexbsec/CVEs 2 https://github.com/hieuminhnv/Zenario-CMS-9.0-last-version 2 https://github.com/helloxz/imgurl 2 https://github.com/munkireport/munkireport-php 2 https://github.com/mustgundogdu/Research 2 https://github.com/nette/latte 2 https://github.com/wp-graphql/wp-graphql 2 https://github.com/anchorcms/anchor-cms 2 https://github.com/woocommerce/woocommerce 2 https://github.com/gongfuxiang/shopxo 2 https://github.com/nu11secur1ty/CVE-nu11secur1ty 2 https://github.com/apereo/phpCAS 2 https://github.com/api-platform/core 2 https://github.com/orchidsoftware/platform 2