Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Advisories

Loading...
Critical
GSA_kwCzR0hTQS05OXIzLXhtbXEtN3E3Z84AAv0h
eZ Platform users with the Company admin role can assign any role to any user
Ecosystems: packagist
Packages: ezsystems/ezpublish-kernel
Source: GitHub Advisory Database
Published: 3 months ago
Critical
GSA_kwCzR0hTQS14ZnFnLXA0OGctaGg5NM4AArUB
Login timing attack in ezsystems/ezpublish-kernel
Ecosystems: packagist
Packages: ezsystems/ezpublish-kernel
Source: GitHub Advisory Database
Published: 8 months ago
Critical
GSA_kwCzR0hTQS01eDRmLTd4Z3EtcjQyeM1REw
Object state limitation has no effect
Ecosystems: packagist
Packages: ezsystems/ezpublish-kernel
Source: GitHub Advisory Database
Published: 9 months ago
Critical
GSA_kwCzR0hTQS14d3Y2LXY3cXgtZjVqY80tiQ
Code injection in ezsystems/ezpublish-kernel
Ecosystems: packagist
Packages: ezsystems/ezpublish-kernel
Source: GitHub Advisory Database
Published: 12 months ago
High
GSA_kwCzR0hTQS00NG00LTljanAtajU4N80kcg
IBX-1392: Image filenames sanitization
Ecosystems: packagist
Packages: ezsystems/ezpublish-kernel
Source: GitHub Advisory Database
Published: about 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1ydmotN3E0Zi01cDQy
Cross-site scripting in eZ Platform Kernel
Ecosystems: packagist
Packages: ezsystems/ezplatform-kernel, ezsystems/ezpublish-kernel
Source: GitHub Advisory Database
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdtcmYtOTlndy12dndq
/user/sessions endpoint allows detecting valid accounts
Ecosystems: packagist
Packages: ezsystems/ezpublish-kernel
Source: GitHub Advisory Database
Published: almost 2 years ago
Filter by Package
microweber/microweber 68 pimcore/pimcore 44 shopware/platform 40 typo3/cms-core 38 showdoc/showdoc 36 shopware/core 31 librenms/librenms 30 snipe/snipe-it 28 moodle/moodle 25 remdex/livehelperchat 22 dolibarr/dolibarr 21 typo3/cms 18 mautic/core 18 concrete5/concrete5 17 cakephp/cakephp 17 shopware/shopware 17 thorsten/phpmyfaq 16 yetiforce/yetiforce-crm 16 silverstripe/framework 16 baserproject/basercms 15 pocketmine/pocketmine-mp 15 craftcms/cms 14 symfony/symfony 14 grumpydictator/firefly-iii 13 tribalsystems/zenario 13 froxlor/froxlor 13 phpmailer/phpmailer 12 getkirby/cms 12 openmage/magento-lts 12 forkcms/forkcms 12 feehi/feehicms 11 intelliants/subrion 11 getgrav/grav 11 francoisjacquet/rosariosis 11 drupal/core 11 contao/core-bundle 10 october/system 10 centreon/centreon 9 concrete5/core 9 kevinpapst/kimai2 9 ssddanbrown/bookstack 8 topthink/framework 8 sylius/sylius 8 facturascripts/facturascripts 8 elefant/cms 8 impresscms/impresscms 8 magento/community-edition 7 ezsystems/ezpublish-kernel 7 october/cms 7 feehi/cms 7 october/backend 7 codeigniter4/framework 7 laravel/framework 7 simplesamlphp/simplesamlphp 6 guzzlehttp/guzzle 6 smarty/smarty 6 pterodactyl/panel 6 prestashop/prestashop 5 ezsystems/ezplatform-kernel 5 vrana/adminer 5 phpxmlrpc/phpxmlrpc 5 backdrop/backdrop 5 dompdf/dompdf 5 yourls/yourls 5 sulu/sulu 5 phpmyadmin/phpmyadmin 5 bottelet/flarepoint 5 symfony/security-http 5 pear/archive_tar 4 directmailteam/direct-mail 4 flarum/core 4 bolt/bolt 4 ezsystems/ezplatform-admin-ui 4 nukeviet/nukeviet 4 idno/known 4 pagekit/pagekit 4 symfony/http-foundation 4 symfony/http-kernel 4 tinymce 4 TinyMCE 4 tinymce/tinymce 4 wallabag/wallabag 4 cachethq/cachet 4 bytefury/crater 4 typo3/cms-form 3 elgg/elgg 3 spatie/browsershot 3 prestashop/productcomments 3 illuminate/database 3 notrinos/notrinos-erp 3 sylius/resource-bundle 3 symfony/security 3 enshrined/svg-sanitize 3 nystudio107/craft-seomatic 3 ibexa/core 3 nilsteampassnet/teampass 3 silverstripe/assets 3 wwbn/avideo 3 phpoffice/phpspreadsheet 3 twig/twig 3 composer/composer 3 icecoder/icecoder 3 shopware/storefront 3 rudloff/alltube 3 oro/platform 3 facade/ignition 3 gilacms/gila 3 shopxo/shopxo 2 ezsystems/ezplatform-rest 2 miniorange/miniorange-saml 2 yoast-seo-for-typo3/yoast_seo 2 exceedone/laravel-admin 2 exceedone/exment 2 lavalite/cms 2 yiisoft/yii2-dev 2 anchorcms/anchor-cms 2 erusev/parsedown 2 squizlabs/php_codesniffer 2 croogo/croogo 2 billz/raspap-webgui 2 modx/revolution 2 ptrofimov/beanstalk_console 2 symfony/framework-bundle 2 latte/latte 2 symfony/security-bundle 2 alextselegidis/easyappointments 2 october/october 2 studio-42/elfinder 2 silverstripe/graphql 2 getkirby/panel 2 laravel/laravel 2 symfony/cache 2 typo3/html-sanitizer 2 buddypress/buddypress 2 dweeves/magmi 2 silverstripe/cms 2 badaso/core 2 protobuf 2 silverstripe/admin 2 ibexa/admin-ui 2 opencart/opencart 2 processwire/processwire 2 in2code/femanager 2 noumo/easyii 2 typo3/cms-backend 2 oro/commerce 2 october/rain 2 wintercms/winter 2 com.google.protobuf:protobuf-parent 2 Google.Protobuf 2 librenms 2 unisharp/laravel-filemanager 2 league/commonmark 2 aheinze/cockpit 2 packbackbooks/lti-1-3-php-library 2 typo3fluid/fluid 2 verot/class.upload.php 2 cuyz/valinor 2 admidio/admidio 2 phpfastcache/phpfastcache 2 github.com/protocolbuffers/protobuf 2 google/protobuf 2 yiisoft/yii2-gii 2 helloxz/imgurl 2 drupal/drupal 2 filegator/filegator 2 neos/neos 2 s-cart/s-cart 2 ether/logs 2 bolt/core 2 privatebin/privatebin 2 grav 1 amazing/media2click 1 contao/managed-edition 1 vanilla/safecurl 1 livehelperchat/livehelperchat 1 automad/automad 1 swag/paypal 1 xataface/xataface 1 vova07/yii2-fileapi-widget 1 oneup/uploader-bundle 1 appwrite/server-ce 1 litespeed.js 1 laravel/fortify 1 pear/crypt_gpg 1 pwweb/laravel-core 1 joomla/archive 1 czproject/git-php 1 php-mod/curl 1 genix/cms 1 marcwillmann/turn 1 Sylius/Sylius 1 ectouch/ectouch 1 laminas/laminas-form 1 sylius/grid-bundle 1 mgallegos/laravel-jqgrid 1 lexik/jwt-authentication-bundle 1 yiisoft/yii 1 shopware/production 1 matyhtf/framework 1 melisplatform/melis-front 1 pocketmine/bedrock-protocol 1 melisplatform/melis-cms 1 bmarshall511/wordpress_zero_spam 1 statamic/cms 1 symfony/var-exporter 1 web-auth/webauthn-framework 1 yeswiki/yeswiki 1 fenom/fenom 1 open-web-analytics/open-web-analytics 1 t3/dce 1 hillelcoren/invoice-ninja 1 netgen/tagsbundle 1 snipe-it 1 gaoming13/wechat-php-sdk 1 bassjobsen/bootstrap-3-typeahead 1 wpanel/wpanel4-cms 1 socialiteproviders/steam 1 silverstripe/subsites 1 ibexa/graphql 1 symfony/phpunit-bridge 1 bootstrap-3-typeahead 1 simplesamlphp/simplesamlphp-module-openid 1 area17/twill 1 phpservermon/phpservermon 1 yii2mod/yii2-cms 1 s-cart/core 1 luyadev/yii-helpers 1 harvesthq/chosen 1 silverstripe/hybridsessions 1 wp-graphql/wp-graphql 1 sylius/paypal-plugin 1 fluidtypo3/vhs 1 tobiasbg/tablepress 1 andreapollastri/cipi 1 silverstripe/versioned-admin 1 DotNetCasClient 1 doctrine/dbal 1 symfony/serializer 1 silverstripe/silverstripe-omnipay 1 mojo42/jirafeau 1 simplito/elliptic-php 1 guzzlehttp/psr7 1 jasig/phpcas 1 orchid/platform 1 zendframework/zend-http 1 arc/web 1 org.jasig.cas:cas-client 1 james-heinrich/getid3 1 brotkrueml/typo3-matomo-integration 1 phpunit/phpunit 1 brotkrueml/schema 1 krayin/laravel-crm 1 topthink/thinkphp 1 phpmyfaq/phpmyfaq 1 gos/web-socket-bundle 1 symfont/process 1 thinkcmf/thinkcmf 1 phpmussel/phpmussel 1 symfony/security-guard 1 api-platform/core 1 cakephp/database 1 prestashop/ps_emailsubscription 1 topthink/think 1 terminal42/contao-tablelookupwizard 1 limesurvey/limesurvey 1 simplesamlphp/simplesamlphp-module-openidprovider 1 symfony/mime 1 liftkit/database 1 adminer 1 barryvdh/laravel-translation-manager 1 typo3/phar-stream-wrapper 1 kitodo/presentation 1 friendsoftypo3/mediace 1 barrelstrength/sprout-forms 1 symfony/security-core 1 mittwald/typo3_forum 1 barrelstrength/sprout-base-email 1 neoan3-apps/template 1 cardgate/magento2 1 catfan/medoo 1 neorazorx/facturascripts 1 codeception/codeception 1 derhansen/sf_event_mgt 1 islandora/islandora 1 woocommerce/woocommerce 1 hjue/justwriting 1 wanglelecc/laracms 1 nette/application 1 mezzio/mezzio-swoole 1 flarum/tags 1 zendframework/zend-diactoros 1 hyn/multi-tenant 1 symfony/proxy-manager-bridge 1 laminas/laminas-diactoros 1 froala/wysiwyg-editor 1 prestashop/ps_linklist 1 spipu/html2pdf 1 flarum/mentions 1 rankmath/seo-by-rank-math 1