Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

packagist froxlor/froxlor Security Advisories

Loading...
Critical
GSA_kwCzR0hTQS14NTI1LTU0aGYteHI1M84AA74W
Blind XSS Leading to Froxlor Application Compromise
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
High
GSA_kwCzR0hTQS02MjVnLWZtNXctdzd3NM4AA4Mn
Froxlor username/surname AND company field Bypass
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Critical
GSA_kwCzR0hTQS00amNoLThxcTUtaHFnNs4AA3CO
Froxlor Improper Input Validation vulnerability
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
Moderate
GSA_kwCzR0hTQS1jdnd2LWg4NW0tdzM3aM4AA2b7
Cross-site Scripting (XSS) in froxlor/froxlor
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS1qNWhxLTZmcmMtNjR2M84AA2bd
Cross-site Scripting (XSS) in froxlor/froxlor
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Low
GSA_kwCzR0hTQS05cm1mLTZxZ2otZzN3as4AA1Og
Froxlor vulnerable to business logic errors
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
GSA_kwCzR0hTQS1jNnY1LXBmNjYteGZxOM4AA0tO
Froxlor vulnerable to Improper Encoding or Escaping of Output
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 1 year ago
Moderate
GSA_kwCzR0hTQS1qcjY2LTlnaGYtNmdwM84AAzxm
Froxlor Session Fixation vulnerability
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
GSA_kwCzR0hTQS1naHFxLWpmeDctZjZtOc4AAzvu
Froxlor vulnerable to Path Traversal
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1jaHc0LTg4eGMtNzl3Ns4AAzvv
Froxlor vulnerable to Improper Restriction of Excessive Authentication Attempts
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS00Z205LWM5anEtZzUyM84AAzaE
Froxlor vulnerable to Allocation of Resources Without Limits or Throttling
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1xd3ZwLWc5ajctMjhmNs4AAyxG
froxlor/froxlor vulnerable to unrestricted upload of file with dangerous type
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1qODN4LXI5cXEtOWc0ds4AAyBh
Froxlor is vulnerable to authentication bypass
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1wN3FxLXJydncteDU1eM4AAxzp
Froxlor Cross-Site Request Forgery vulnerability
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS12cDRyLWg3NjUtNW13cM4AAxtC
Code Injection in froxlor/froxlor
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS05ZnFjLTljcHItdzczcc4AAxav
froxlor is vulnerable to privilege escalation from customer to root via directory-options
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS13N3c0LXFqZ2ctMzcyeM4AAxPp
Froxlor contains Static Code Injection
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS12cXFtLWM5Z3gtNzczcc4AAxPr
Froxlor contains Business Logic Errors
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS0zY2h3LThqcTItdzc2Oc4AAxPn
Froxlor contains Unchecked Error Condition
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1wbTcyLTI3bWctZmMyOM4AAxPg
Froxlor contains Weak Password Requirements
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS1jcDY4LTQycGYtNjYyN84AAw_a
Froxlor vulnerable to Command Injection
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS14cDNnLTI3MjktcnhtM84AAw_b
Froxlor is vulnerable to path traversal
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS13NnFmLWo0cXItZjk0Ns4AAwrc
Froxlor Improper Authorization vulnerability
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS02Z3d4LWd3NTYtcWhmN84AAwrZ
Froxlor vulnerable to Cross-Site Request Forgery
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS0zdjdtLTJqcmgtdmM5M84AAwrL
Froxlor vulnerable to Argument Injection
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS02cmp2LXh4Z3ItdjU3eM4AAvt6
Froxlor vulnerable to code injection
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1oOTV3LXAzeDYtd3dqNs4AAvti
Froxlor vulnerable to Code Injection
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS05eGdwLTNteHAtcnY3eM4AAugs
Froxlor vulnerable to Cross-Site Request Forgery (CSRF)
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1jdjI0LXZoNDUtNGhqbc4AAqaq
Foxlor cross-site scripting (XSS) vulnerability
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS02ZnZ3LXg2Z3ctNHd2OM4AAqQt
Froxlor SQL injection vulnerability
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1wMjljLWpwZ2otdjU3cs4AAjxW
Froxlor arbitrary code execution via the database configuration options
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1qOXdyLW1qNjktY3Ftds4AAjxa
Froxlor Exposure of Sensitive Information to an Unauthorized Actor
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1odmdmLTJyZjctd3J4Oc4AAjxY
Froxlor Information Disclosure
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS1xajZoLW03eGMtcjJ2M84AAb6j
Froxlor guessable password reset token
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1yNmc4LW1xOXYtY2dwNM4AASqX
Froxlor Incorrect Access Control
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1nNzd2LW0yMjYtM2Y3Z838dg
Froxlor PHP Object Injection vulnerability
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1qNzM5LWd3NnEtZjRjN807Vw
HTML Injection in Froxlor
Ecosystems: packagist
Packages: froxlor/froxlor
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Statistics
Advisories: 19,486
Packages: 8,600
Repositories: 4
Ecosystems: 12
Filter by Package
moodle/moodle 342 magento/community-edition 204 typo3/cms 174 pimcore/pimcore 117 dolibarr/dolibarr 111 typo3/cms-core 106 phpmyadmin/phpmyadmin 92 microweber/microweber 91 drupal/core 91 silverstripe/framework 83 drupal/drupal 76 thorsten/phpmyfaq 70 symfony/symfony 64 librenms/librenms 54 concrete5/concrete5 52 shopware/platform 48 baserproject/basercms 43 showdoc/showdoc 40 craftcms/cms 40 intelliants/subrion 39 froxlor/froxlor 37 nilsteampassnet/teampass 37 shopware/core 36 zendframework/zendframework1 34 snipe/snipe-it 33 shopware/shopware 30 mautic/core 30 getgrav/grav 29 centreon/centreon 27 prestashop/prestashop 26 magento/core 24 mediawiki/core 24 remdex/livehelperchat 23 pocketmine/pocketmine-mp 23 zendframework/zendframework 23 grumpydictator/firefly-iii 23 simplesamlphp/simplesamlphp 23 getkirby/cms 22 contao/core-bundle 21 tribalsystems/zenario 20 laravel/framework 19 contao/contao 18 forkcms/forkcms 18 cockpit-hq/cockpit 18 cakephp/cakephp 17 francoisjacquet/rosariosis 17 genix/cms 17 ezsystems/ezpublish-kernel 17 topthink/framework 17 symfony/security 17 opencart/opencart 16 yetiforce/yetiforce-crm 16 ec-cube/ec-cube 15 openmage/magento-lts 15 october/system 15 smarty/smarty 15 phpmailer/phpmailer 14 typo3/cms-backend 14 symfony/security-http 14 silverstripe/cms 14 lavalite/cms 13 bolt/bolt 13 impresscms/impresscms 13 codeigniter4/framework 13 elefant/cms 13 studio-42/elfinder 12 phpmyfaq/phpmyfaq 12 dompdf/dompdf 12 phpbb/phpbb 12 tinymce/tinymce 11 TinyMCE 11 pimcore/admin-ui-classic-bundle 11 sylius/sylius 11 symfony/http-foundation 11 tinymce 11 wwbn/avideo 11 feehi/feehicms 11 ezsystems/ezplatform-kernel 11 feehi/cms 11 wallabag/wallabag 10 ssddanbrown/bookstack 10 nukeviet/nukeviet 10 admidio/admidio 10 pagekit/pagekit 10 yiisoft/yii2 10 ezsystems/ezpublish-legacy 10 kevinpapst/kimai2 9 concrete5/core 9 contao/core 9 october/october 9 alextselegidis/easyappointments 9 funadmin/funadmin 9 statamic/cms 8 october/cms 8 silverstripe/admin 8 croogo/croogo 8 pimcore/customer-management-framework-bundle 8 facturascripts/facturascripts 8 composer/composer 8 sulu/sulu 8 codiad/codiad 8 silverstripe/graphql 8 gilacms/gila 8 pterodactyl/panel 7 mantisbt/mantisbt 7 wpglobus/wpglobus 7 flarum/core 7 ezsystems/ezplatform-admin-ui 7 passbolt/passbolt_api 7 october/backend 7 symfony/http-kernel 7 zoujingli/thinkadmin 6 vrana/adminer 6 yourls/yourls 6 directmailteam/direct-mail 6 nystudio107/craft-seomatic 6 guzzlehttp/guzzle 6 dweeves/magmi 6 phpseclib/phpseclib 6 oro/platform 6 in2code/femanager 6 backdrop/backdrop 6 gleez/cms 6 bagisto/bagisto 6 yiisoft/yii2-dev 6 elgg/elgg 5 neos/flow 5 symfony/security-core 5 woocommerce/woocommerce 5 neos/neos 5 cachethq/cachet 5 illuminate/database 5 typo3/cms-install 5 automad/automad 5 phpxmlrpc/phpxmlrpc 5 simplesamlphp/saml2 5 silverstripe/assets 5 ibexa/core 5 bottelet/flarepoint 5 anchorcms/anchor-cms 5 phpservermon/phpservermon 5 billz/raspap-webgui 5 gugoan/economizzer 5 twig/twig 5 codeigniter/framework 5 typo3/flow 5 thinkcmf/thinkcmf 5 pear/archive_tar 5 sylius/resource-bundle 4 spatie/browsershot 4 typo3/html-sanitizer 4 oro/commerce 4 notrinos/notrinos-erp 4 magento/product-community-edition 4 idno/known 4 wintercms/winter 4 shopxo/shopxo 4 bref/bref 4 kimai/kimai 4 appwrite/server-ce 4 symfony/security-bundle 4 shopware/storefront 4 friendsofsymfony/user-bundle 4 ezsystems/ezplatform 4 pyrocms/pyrocms 4 evolutioncms/evolution 4 codeigniter4/shield 4 zendframework/zendopenid 4 wp-premium/gravityforms 4 modx/revolution 4 bytefury/crater 4 typo3/cms-frontend 4 adodb/adodb-php 4 joomla/framework 3 pixelfed/pixelfed 3 zendframework/zend-diactoros 3 swiftmailer/swiftmailer 3 limesurvey/limesurvey 3 amphp/http-client 3 symfony/form 3 processwire/processwire 3 enhavo/enhavo-app 3 illuminate/auth 3 verot/class.upload.php 3 froala/wysiwyg-editor 3 zendframework/zend-http 3 ckeditor4 3 enshrined/svg-sanitize 3 prestashop/productcomments 3 qcubed/qcubed 3 django-tinymce 3 yiisoft/yii 3 tecnickcom/tcpdf 3 artesaos/seotools 3 privatebin/privatebin 3 quickapps/cms 3 doctrine/orm 3 rudloff/alltube 3 bbpress/bbpress 3 verbb/comments 3