Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

packagist Security Advisories

Loading...
Critical
GSA_kwCzR0hTQS0zMzdjLTNyY2gtcTM1as4AAlcG
Magento php object injection vulnerability
Ecosystems: packagist
Packages: magento/core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS14YzRwLWo4OWMtcDd4Nc4AAlcF
Magento stored cross-site scripting vulnerability
Ecosystems: packagist
Packages: magento/core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1wbXhnLXc5YzctZmZtcc4AAlY3
Microweber Discloses Sensitive Information
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0ycHcyLXFwY3AtbTQ3eM4AAlYo
Silverstripe CMS XSS Vulnerability
Ecosystems: packagist
Packages: silverstripe/framework, silverstripe/cms
Source: GitHub Advisory Database
Blast Radius: 19.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1oNzd3LTY1NWYtNmozbc4AAlYn
Silverstripe CMS malicious file upload enables script execution
Ecosystems: packagist
Packages: silverstripe/cms
Source: GitHub Advisory Database
Blast Radius: 29.9
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS01ODlxLTc1cjMtbWZxNM4AAlYy
Silverstripe has Incorrect Default Permissions
Ecosystems: packagist
Packages: silverstripe/graphql, silverstripe/recipe-cms
Source: GitHub Advisory Database
Blast Radius: 13.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1nbTV4LWhwbXcteHB4Z84AAlYx
Silverstripe CMS information disclosure
Ecosystems: packagist
Packages: silverstripe/framework, silverstripe/cms
Source: GitHub Advisory Database
Blast Radius: 27.2
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1nZzQ4LW1wcDgtY2dxY84AAlP3
ke_search for Typo3 XSS Vulnerability
Ecosystems: packagist
Packages: tpwd/ke_search
Source: GitHub Advisory Database
Blast Radius: 4.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0yM2ZtLXY4OTUtM3F4cc4AAlQF
jh_captcha for Typo3 XSS Vulnerability
Ecosystems: packagist
Packages: haffner/jh_captcha
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS01ajR3LXY4N20tOHI2Nc4AAlK_
Magento business logic error vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS02dzI5LXg1ajQtcWhyd84AAlK8
Magento security mitigation bypass vulnerability
Ecosystems: packagist
Packages: magento/community-edition, magento/core
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1nZmZ4LTlmMzYtcjh3cM4AAlLD
Magento security mitigation bypass vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS13N3JoLTl3NXYtcndxas4AAlKh
Magento defense-in-depth security mitigation vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1jM200LWh4djktNG14as4AAlKP
Magento command injection vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00NWg0LTZnY2otNmh3ds4AAlKO
Magento Stored cross-site scripting
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS01NWd2LWhmZzMtaHdqcc4AAlKV
Magento Defense-in-depth security mitigation vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1qMnI0LTJjcjYtaDNyM84AAlKd
Magento Signature verification bypass
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 7.8
Published: almost 2 years ago
High
GSA_kwCzR0hTQS04d203LWgycWgtZmY0Y84AAlKU
Magento authorization bypass vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1jNTVoLTdxNGotZzZycc4AAlKQ
Magento command injection vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1qMmpwLTU4Z3YtZzJwZ84AAlLP
Magento Security mitigation bypass vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02ODl3LTJmOTMtMng2N84AAlKJ
Magento stored cross-site scripting vulnerability
Ecosystems: packagist
Packages: magento/community-edition, magento/core
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS12cnAzLXdjMjgtcWcyaM4AAlKN
Magento Security mitigation bypass vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0ydzJ4LTdxZ2otNHg3OM4AAlJ8
Magento stored cross-site scripting vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS00Zjd4LWdqcWMtcXFwZ84AAlKL
Magento command injection vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS03MjR4LWdxaHYtOWM1eM4AAlJ-
Magento command injection vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1yMzQ1LXg4aHItMnI5cM4AAlIX
acf-to-rest-api plugin insecure direct object reference (IDOR) via permalink manipulation
Ecosystems: packagist
Packages: airesvsg/acf-to-rest-api
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1yY21mLTg4cDQtOXdyZ84AAlFm
WooCommerce Cross-Site Request Forgery (CSRF)
Ecosystems: packagist
Packages: woocommerce/woocommerce
Source: GitHub Advisory Database
Blast Radius: 19.1
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS14NmdxLXZyNTktNHE1cc4AAlAa
KumbiaPHP Cross-site Scripting
Ecosystems: packagist
Packages: kumbiaphp/kumbiapp
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1wOXF3LWZoMzgteDM3Zs4AAk5J
OpenCart Cross-site Scripting
Ecosystems: packagist
Packages: opencart/opencart
Source: GitHub Advisory Database
Blast Radius: 5.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS03NGdjLWhmMzMtNTM1M84AAkyp
Fork CMS Cross-site Scripting Vulnerability
Ecosystems: packagist
Packages: forkcms/forkcms
Source: GitHub Advisory Database
Blast Radius: 3.7
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1tNjlyLTRoNjgteHE3as4AAkyr
Knock Knock plugin Open redirection vulnerability
Ecosystems: packagist
Packages: verbb/knock-knock
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1oNXF2LXAzNzgtM2hocs4AAkyV
Centreon Sensitive Data Exposure vulnerability
Ecosystems: packagist
Packages: centreon/centreon
Source: GitHub Advisory Database
Blast Radius: 2.1
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS13eHZyLXFxbTctNmg2Nc4AAkyU
Knock Knock plugin IP Whitelist bypass via an X-Forwarded-For HTTP header
Ecosystems: packagist
Packages: verbb/knock-knock
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1wN3JtLWdoOWctNWZyOM4AAkx_
Image Resizer Cross-site Scripting (XSS) in the Bulk Resize action
Ecosystems: packagist
Packages: verbb/image-resizer
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS01djVxLTNtN20tOTdqN84AAkyB
Image Resizer Cross-Site Request Forgery (CSRF)
Ecosystems: packagist
Packages: verbb/image-resizer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS12cjZ2LWc5NnAtY2pjM84AAkvA
Moodle vulnerable to RCE
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: almost 2 years ago
High
GSA_kwCzR0hTQS04OWZwLWo4djctcDgyaM4AAkuw
Microweber allows Unrestricted File Upload
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS14dmd4LTY2OGotZjY3cM4AAktE
Subrion CMS XSS
Ecosystems: packagist
Packages: intelliants/subrion
Source: GitHub Advisory Database
Blast Radius: 3.7
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0yM3E3LTU5amotMnBqNM4AAkqf
SEOmatic for CraftCMS allows Server-Side Template Injection
Ecosystems: packagist
Packages: nystudio107/craft-seomatic
Source: GitHub Advisory Database
Blast Radius: 15.3
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1tNjZ4LXdtMjcteHhwY84AAkZr
Dolibarr Cross-Site Request Forgery Vulnerability
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1wZm0yLW1xd2otZ2dtNc4AAkIZ
MediaWiki makeCollapsible allows applying event handler to any CSS selector
Ecosystems: packagist
Packages: mediawiki/core
Source: GitHub Advisory Database
Blast Radius: 5.3
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1ydjYyLTZmNTYtajgzd84AAkF6
Moodle Oauth 2 Insufficiently Protects Against Compromise
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: almost 2 years ago
High
GSA_kwCzR0hTQS05cjJqLXJnMjQtZnZwas4AAkES
FrozenNode Laravel-Administrator unrestricted file upload
Ecosystems: packagist
Packages: frozennode/administrator
Source: GitHub Advisory Database
Blast Radius: 17.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1qd3FwLXdoNWctNGdtbc4AAj_g
CodeIgniter Improper Privilege Management
Ecosystems: packagist
Packages: codeigniter4/framework
Source: GitHub Advisory Database
Blast Radius: 29.3
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1oNjVyLThmcDgtdzdjeM4AAj_M
phpMyAdmin SQL Injection
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1mNGNyLTN4bWMtMndwbc4AAj_F
phpMyAdmin SQL injection vulnerability
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1mY3d3LTh3dmMtMzhxOc4AAj_R
phpMyAdmin SQL injection vulnerability
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: almost 2 years ago
High
GSA_kwCzR0hTQS04aGMyLWh2cmMteDRxcs4AAj-M
phpBB arbitrary CSS injection
Ecosystems: packagist
Packages: phpbb/phpbb
Source: GitHub Advisory Database
Blast Radius: 16.7
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0zeGg1LTV2NXYtbWZnbc4AAj8g
Moodle reflected Cross-site Scripting (XSS)
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS05amY2LXdxMzQtZmc5d84AAj89
Moodle XSS Vulnerability
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1tOThxLXE1OXAtcjlmds4AAj8T
Moodle open redirect vulnerability
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1nOGo3LXc2NzMtNG1qcM4AAj7W
Subrion CMS CSRF Vulnerability
Ecosystems: packagist
Packages: intelliants/subrion
Source: GitHub Advisory Database
Blast Radius: 5.3
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS04N3IzLTRnYzgtZjg5N84AAj6T
Dolibarr ERP and CRM contain XSS Vulnerability
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 4.2
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1qaDNqLXhmdjItZjltOc4AAj6Q
Dolibarr ERP and CRM SQLi
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1nZmhmLTJ4cjUtMmZ2d84AAj6U
Dolibarr ERP and CRM contain XSS Vulnerability
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS13ZzI0LTl4bTktNTkzds4AAjz8
phpBB Cross-Site Request Forgery (CSRF)
Ecosystems: packagist
Packages: phpbb/phpbb
Source: GitHub Advisory Database
Blast Radius: 9.6
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS02cTRqLThwam0tNW1nY84AAjvL
SEOmatic for CraftCMS allows Server-Side Template Injection
Ecosystems: packagist
Packages: nystudio107/craft-seomatic
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS01cHE1LTlwaHYtcTVqM84AAjrX
CardGate Payments plugin for WooCommerce does not validate request origin
Ecosystems: packagist
Packages: cardgate/woocommerce
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1meDM3LTU2djYtODVxNs4AAjos
Silverstripe CSRF Protection Bypass via GraphQL
Ecosystems: packagist
Packages: silverstripe/graphql
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1qaDY5LTZ2djItd2ZwNc4AAjnZ
Dolibarr ERP and CRM contain XSS Vulnerability
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 4.2
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS05d2M5LTQ5OHctaDh4ds4AAjcc
Magento deserialization vulnerability
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS04NzRnLXB4cXAtZnJxcM4AAjci
Magento Path Traversal
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 5.7
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1tZ2czLXY5NDgtMnZncs4AAjcg
Magento stored cross-site scripting vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1ycjU5LXBqd2otNmdyas4AAjce
Magento sql injection vulnerability
Ecosystems: packagist
Packages: magento/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS14OXA3LXZncDItOXBxMs4AAjcS
Magento security bypass vulnerability
Ecosystems: packagist
Packages: magneto/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1wNXEzLXhnNDctNjUzbc4AAjck
Magento stored cross-site scripting vulnerability
Ecosystems: packagist
Packages: magneto/core, magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1xdmh2LXB3d3ctNTNqas4AAjbG
Typo3 Cross-Site Scripting in Flash component (ELTS)
Ecosystems: packagist
Packages: typo3/cms
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS01OTU3LTVjcngtNzlqeM4AAjaE
Zenario CMS vulnerable to CRLF injection
Ecosystems: packagist
Packages: zendframework/zend-http, zendframework/zendframework1, zendframework/zendframework
Source: GitHub Advisory Database
Blast Radius: 23.8
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1jcHFjLWc0cjgtNmh4Z84AAjVP
phpBB Cross-Site Request Forgery (CSRF)
Ecosystems: packagist
Packages: phpbb/phpbb
Source: GitHub Advisory Database
Blast Radius: 9.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02OXE3LWh3dzQtOHBqcc4AAjU8
phpBB allows CSRF
Ecosystems: packagist
Packages: phpbb/phpbb
Source: GitHub Advisory Database
Blast Radius: 14.5
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1qNGZxLTNmbTctd2g1ds4AAjQs
Magento arbitrary PHP code execution via the productData parameter
Ecosystems: packagist
Packages: magento/core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1mZ2o4LTkzeHgtZjZnNs4AAjO6
phpMyAdmin SQL injection in user accounts page
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 10.3
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1nOW0yLWMyeDUtZnIyds4AAjM2
Moodle does not revoke role capabilities correctly
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0yZzIzLXFtbXAtZnZtcs4AAjK6
Bolt Cross-site Scripting via the slug, teaser or title parameters
Ecosystems: packagist
Packages: bolt/bolt
Source: GitHub Advisory Database
Blast Radius: 14.4
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1wZ3BoLW1jNHAtZjhjM84AAi34
phpMyAdmin unsanitized Git information
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 11.5
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1mNmgzLTY2eHItaHFyMs4AAiz5
Dolibarr ERP and CRM contain XSS Vulnerability
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 4.2
Published: almost 2 years ago
High
GSA_kwCzR0hTQS02OTJ4LTg5eHYtNjRqeM4AAiwH
Pagekit File Upload vulnerability
Ecosystems: packagist
Packages: pagekit/pagekit
Source: GitHub Advisory Database
Blast Radius: 5.3
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1tNHgzLXhtanYtcjc3OM4AAitR
Pimcore Cross-site Scripting (XSS) vulnerability
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 15.2
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1qaGNmLWo0aGctdjY0cs4AAitC
Pimcore Access Control Issues
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 24.4
Published: almost 2 years ago
High
GSA_kwCzR0hTQS04ODg5LTlnM2YtNzNyas4AAitK
Pimcore Discloses Usernames In Use
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 18.7
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1oZjYyLTV2eGgtanB3as4AAitU
Pimcore 2FA Vulnerable to Brute Forcing
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 24.4
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02dmM4LTN4ZjItcXJ4eM4AAil8
Magento 2 Community Edition RCE Vulnerability
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 7.1
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1xcGM4LW0yeG0tOXc3Nc4AAimD
Magento Remote code execution through catalog attribute sets
Ecosystems: packagist
Packages: magento/core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1qNDl4LWpqbWotOWZxas4AAil4
Magento XSS Vulnerability
Ecosystems: packagist
Packages: magento/core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1wNzgzLWdqNm0tOXI4OM4AAilu
Magento 2 Community Edition RCE Vulnerability
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 9.5
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1mNzNoLTIyNGMtNjJxcs4AAil7
Magento Server-Side Request Forgery (SSRF)
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 7.8
Published: almost 2 years ago
High
GSA_kwCzR0hTQS00N2g2LWhmcHYtN3Boas4AAilz
Magento 2 Community Edition RCE Vulnerability
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 9.5
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS04cDVjLWY4MzYtbTRoN84AAils
Magento 2 Community Edition XML Injection
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS03NzV3LWd4M2YtNGo0Zs4AAilr
Magento 2 Community Edition SSRF vulnerability
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 7.8
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1xcDQzLTJ2aGYtY2o4Z84AAil1
Magento Remote code execution through support/output path modification
Ecosystems: packagist
Packages: magento/core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0yNzNyLXY4ODgtdmdjNs4AAimA
Magento Cross-site Scripting (XSS)
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1qam1nLXhtcTItZzZmZs4AAil9
Magento 2 Community Edition XSS Vulnerability
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02bTI3LTNyOHEtYzdmN84AAily
Magento 2 Community Edition XSS Vulnerability
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS04NnBjLTZtbTgtNTQycs4AAilt
Magento 2 Community Edition XSS Vulnerability
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS12OGZnLXAyN2gtbXhqcM4AAil2
Magento 2 Community Edition XSS Vulnerability
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS12cGc5LWdxN2otbXhxZ84AAilq
Magento 2 Community Edition RCE Vulnerability
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0yOThxLXd2MmgtdjV2d84AAiln
Magento 2 Community Edition XSS Vulnerability
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS04NXh3LTNocDUtNmZtY84AAilm
Magento 2 Community Edition XSS Vulnerability
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1qcmp4LThnbXctamoycc4AAimQ
Magento 2 Community Edition RCE Vulnerability
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 9.5
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1namptLTR4M2ctM2gzM84AAilj
Magento 2 Community Edition XSS Vulnerability
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: almost 2 years ago
Statistics
Advisories: 17,807
Packages: 8,189
Repositories: 561
Ecosystems: 12
Filter by Severity
Moderate 7,640 High 6,195 Critical 2,726 Low 964
Filter by Ecosystem
maven 5,511 pypi 3,539 npm 3,530 packagist 3,470 go 1,837 nuget 1,390 rubygems 812 cargo 773 swift 31 hex 29 actions 16 pub 8
Filter by Package
moodle/moodle 318 magento/community-edition 182 pimcore/pimcore 116 typo3/cms 94 microweber/microweber 91 phpmyadmin/phpmyadmin 76 typo3/cms-core 70 thorsten/phpmyfaq 70 drupal/core 70 dolibarr/dolibarr 56 drupal/drupal 56 concrete5/concrete5 52 librenms/librenms 52 shopware/platform 47 symfony/symfony 46 baserproject/basercms 43 showdoc/showdoc 40 craftcms/cms 36 shopware/core 35 snipe/snipe-it 32 intelliants/subrion 31 mautic/core 28 froxlor/froxlor 28 centreon/centreon 27 silverstripe/framework 27 shopware/shopware 26 magento/core 24 prestashop/prestashop 24 getgrav/grav 24 pocketmine/pocketmine-mp 23 remdex/livehelperchat 23 nilsteampassnet/teampass 22 grumpydictator/firefly-iii 22 getkirby/cms 22 forkcms/forkcms 18 tribalsystems/zenario 18 cakephp/cakephp 17 cockpit-hq/cockpit 17 francoisjacquet/rosariosis 17 yetiforce/yetiforce-crm 16 contao/core-bundle 15 openmage/magento-lts 15 phpmailer/phpmailer 14 zendframework/zendframework1 14 typo3/cms-backend 14 impresscms/impresscms 13 october/system 13 symfony/security 13 elefant/cms 13 ezsystems/ezpublish-kernel 13 codeigniter4/framework 13 phpbb/phpbb 12 bolt/bolt 12 phpmyfaq/phpmyfaq 12 symfony/security-http 12 lavalite/cms 12 smarty/smarty 12 studio-42/elfinder 12 silverstripe/cms 11 zendframework/zendframework 11 feehi/feehicms 11 contao/contao 11 topthink/framework 11 feehi/cms 11 opencart/opencart 10 dompdf/dompdf 10 wallabag/wallabag 10 pimcore/admin-ui-classic-bundle 10 sylius/sylius 10 ezsystems/ezplatform-kernel 10 wwbn/avideo 10 admidio/admidio 10 simplesamlphp/simplesamlphp 9 TinyMCE 9 concrete5/core 9 alextselegidis/easyappointments 9 tinymce/tinymce 9 tinymce 9 october/october 9 funadmin/funadmin 9 ssddanbrown/bookstack 9 kevinpapst/kimai2 9 laravel/framework 9 sulu/sulu 8 october/cms 8 facturascripts/facturascripts 8 pimcore/customer-management-framework-bundle 8 gilacms/gila 8 statamic/cms 7 silverstripe/admin 7 flarum/core 7 symfony/http-foundation 7 silverstripe/graphql 7 croogo/croogo 7 october/backend 7 pterodactyl/panel 6 guzzlehttp/guzzle 6 in2code/femanager 6 composer/composer 6 pagekit/pagekit 6 yourls/yourls 6 directmailteam/direct-mail 6 backdrop/backdrop 6 nystudio107/craft-seomatic 6 phpxmlrpc/phpxmlrpc 5 automad/automad 5 typo3/cms-install 5 cachethq/cachet 5 billz/raspap-webgui 5 elgg/elgg 5 yiisoft/yii2 5 phpseclib/phpseclib 5 dweeves/magmi 5 vrana/adminer 5 symfony/http-kernel 5 anchorcms/anchor-cms 5 pear/archive_tar 5 oro/platform 5 bottelet/flarepoint 5 bagisto/bagisto 5 gugoan/economizzer 5 ibexa/core 5 bytefury/crater 4 spatie/browsershot 4 typo3/html-sanitizer 4 bref/bref 4 symfony/security-bundle 4 typo3/cms-frontend 4 ezsystems/ezplatform-admin-ui 4 magento/product-community-edition 4 wintercms/winter 4 idno/known 4 codeigniter4/shield 4 modx/revolution 4 woocommerce/woocommerce 4 shopware/storefront 4 phpservermon/phpservermon 4 silverstripe/assets 4 symfony/security-core 4 notrinos/notrinos-erp 4 nukeviet/nukeviet 4 oro/commerce 4 artesaos/seotools 3 zendframework/zendservice-technorati 3 icecoder/icecoder 3 ckeditor4 3 enhavo/enhavo-app 3 typo3/cms-form 3 flarum/framework 3 mantisbt/mantisbt 3 zendframework/zendservice-slideshare 3 zendframework/zendservice-nirvanix 3 zendframework/zendservice-audioscrobbler 3 joomla/framework 3 froala/wysiwyg-editor 3 zencart/zencart 3 pixelfed/pixelfed 3 verot/class.upload.php 3 zendframework/zendrest 3 illuminate/database 3 prestashop/productcomments 3 sylius/resource-bundle 3 facade/ignition 3 twig/twig 3 apache-solr-for-typo3/solr 3 joomla/joomla-cms 3 limesurvey/limesurvey 3 uvdesk/community-skeleton 3 yiisoft/yii2-dev 3 quickapps/cms 3 processwire/processwire 3 zendframework/zendservice-api 3 enshrined/svg-sanitize 3 rudloff/alltube 3 zendframework/zendopenid 3 appwrite/server-ce 3 phenx/php-svg-lib 3 adodb/adodb-php 3 zoujingli/thinkadmin 3 zendframework/zendservice-amazon 3 codeigniter/framework 3 zendframework/zendservice-windowsazure 3 shopxo/shopxo 3 kimai/kimai 3 tecnickcom/tcpdf 3 phpoffice/phpspreadsheet 3 league/commonmark 2 friendsofsymfony1/symfony1 2 verbb/image-resizer 2 ezsystems/ezplatform-rest 2 yuan1994/tpadmin 2 yiisoft/yii 2 protobuf 2 squizlabs/php_codesniffer 2 elijaa/phpmemcacheadmin 2 prestashop/blockreassurance 2 laminas/laminas-diactoros 2 cecil/cecil 2 getkirby/panel 2 unisharp/laravel-filemanager 2
Filter by Repository
https://github.com/moodle/moodle 210 https://github.com/pimcore/pimcore 111 https://github.com/microweber/microweber 85 https://github.com/thorsten/phpmyfaq 69 https://github.com/librenms/librenms 45 https://github.com/shopware/platform 43 https://github.com/TYPO3/typo3 42 https://github.com/symfony/symfony 40 https://github.com/star7th/showdoc 38 https://github.com/concretecms/concretecms 34 https://github.com/phpmyadmin/phpmyadmin 34 https://github.com/octobercms/october 33 https://github.com/magento/magento2 31 https://github.com/snipe/snipe-it 28 https://github.com/craftcms/cms 28 https://github.com/mautic/mautic 27 https://github.com/froxlor/froxlor 26 https://github.com/Dolibarr/dolibarr 26 https://github.com/shopware/shopware 24 https://github.com/TYPO3/TYPO3.CMS 24 https://github.com/livehelperchat/livehelperchat 23 https://github.com/pmmp/PocketMine-MP 23 https://github.com/getgrav/grav 23 https://github.com/baserproject/basercms 22 https://github.com/firefly-iii/firefly-iii 22 https://github.com/PrestaShop/PrestaShop 20 https://github.com/nilsteampassnet/teampass 19 https://github.com/getkirby/kirby 18 https://github.com/liufee/cms 17 https://github.com/forkcms/forkcms 16 https://github.com/contao/contao 16 https://github.com/yetiforcecompany/yetiforcecrm 16 https://github.com/intelliants/subrion 15 https://github.com/OpenMage/magento-lts 15 https://github.com/centreon/centreon 15 https://github.com/PHPMailer/PHPMailer 14 https://github.com/cockpit-hq/cockpit 14 https://github.com/centreon/centreon-archived 12 https://github.com/silverstripe/silverstripe-framework 12 https://github.com/Studio-42/elFinder 11 https://github.com/cakephp/cakephp 11 https://github.com/dompdf/dompdf 11 https://github.com/thorsten/phpMyFAQ 11 https://github.com/drupal/core 11 https://github.com/ezsystems/ezpublish-kernel 10 https://github.com/codeigniter4/CodeIgniter4 10 https://github.com/dolibarr/dolibarr 10 https://github.com/WWBN/AVideo 10 https://github.com/smarty-php/smarty 10 https://github.com/pimcore/admin-ui-classic-bundle 10 https://github.com/alextselegidis/easyappointments 9 https://github.com/funadmin/funadmin 9 https://github.com/bolt/bolt 9 https://github.com/neorazorx/facturascripts 9 https://github.com/kevinpapst/kimai2 9 https://github.com/LavaLite/cms 9 https://github.com/tinymce/tinymce 9 https://github.com/francoisjacquet/rosariosis 8 https://github.com/simplesamlphp/simplesamlphp 8 https://github.com/Sylius/Sylius 8 https://github.com/admidio/admidio 8 https://github.com/top-think/framework 8 https://github.com/sulu/sulu 8 https://github.com/pimcore/customer-data-framework 8 https://github.com/laravel/framework 8 https://github.com/GilaCMS/gila 8 https://github.com/wallabag/wallabag 8 https://github.com/ezsystems/ezplatform-kernel 7 https://github.com/flarum/framework 7 https://github.com/bookstackapp/bookstack 6 https://github.com/ImpressCMS/impresscms 6 https://github.com/wintercms/winter 6 https://github.com/statamic/cms 6 https://github.com/croogo/croogo 6 https://gitlab.com/francoisjacquet/rosariosis 6 https://github.com/yiisoft/yii2 6 https://github.com/oroinc/orocommerce 6 https://github.com/TribalSystems/Zenario 6 https://github.com/pterodactyl/panel 6 https://github.com/nystudio107/craft-seomatic 6 https://github.com/guzzle/guzzle 6 https://github.com/jbroadway/elefant 5 https://github.com/Bottelet/DaybydayCRM 5 https://github.com/zendframework/zf1 5 https://github.com/phpseclib/phpseclib 5 https://github.com/composer/composer 5 https://sourceforge.net/projects/phpmyadmin.sourceforge.net 5 https://github.com/gggeek/phpxmlrpc 5 https://github.com/dub-flow/vulnerability-research 5 https://github.com/silverstripe/silverstripe-graphql 5 https://github.com/RaspAP/raspap-webgui 5 https://github.com/ibexa/core 5 https://github.com/pear/Archive_Tar 5 https://github.com/vrana/adminer 5 https://github.com/nukeviet/nukeviet 4 https://github.com/phpservermon/phpservermon 4 https://github.com/codeigniter4/shield 4 https://github.com/backdrop/backdrop 4 https://github.com/spatie/browsershot 4 https://github.com/yourls/yourls 4 https://github.com/screetsec/VDD 4 https://github.com/fiveai/Cachet 4 https://github.com/oroinc/platform 4 https://github.com/brefphp/bref 4 https://github.com/hieuminhnv/Zenario-CMS-last-version 4 https://github.com/opencart/opencart 4 https://github.com/LimeSurvey/LimeSurvey 4 https://github.com/silverstripe/silverstripe-admin 4 https://github.com/TYPO3/html-sanitizer 4 https://github.com/pagekit/pagekit 4 https://github.com/ezsystems/ezplatform-admin-ui 4 https://github.com/crater-invoice/crater 4 https://github.com/PrestaShop/productcomments 3 https://github.com/modxcms/revolution 3 https://github.com/Rudloff/alltube 3 https://github.com/elgg/elgg 3 https://github.com/dd3x3r/enhavo 3 https://github.com/liufee/feehicms 3 https://github.com/quickapps/cms 3 https://github.com/concrete5/concrete5 3 https://github.com/darylldoyle/svg-sanitizer 3 https://github.com/guzzle/psr7 3 https://github.com/mantisbt/mantisbt 3 https://github.com/appwrite/appwrite 3 https://github.com/TYPO3-Solr/ext-solr 3 https://github.com/kimai/kimai 3 https://github.com/zendframework/zendframework 3 https://github.com/uvdesk/community-skeleton 3 https://github.com/nilsteampassnet/TeamPass 3 https://github.com/oroinc/crm 3 https://github.com/BookStackApp/BookStack 3 https://github.com/Sylius/SyliusResourceBundle 3 https://github.com/Athlon1600/php-proxy-app 3 https://github.com/in2code-de/femanager 3 https://github.com/bagisto/bagisto 3 https://github.com/artesaos/seotools 3 https://github.com/idno/known 3 https://github.com/notrinos/notrinoserp 3 https://github.com/facade/ignition 3 https://github.com/ADOdb/ADOdb 3 https://github.com/pixelfed/pixelfed 3 https://github.com/twigphp/Twig 3 https://github.com/ptrofimov/beanstalk_console 2 https://github.com/orchidsoftware/platform 2 https://github.com/nette/latte 2 https://github.com/Ek-Saini/security 2 https://github.com/FriendsOfSymfony1/symfony1 2 https://github.com/dweeves/magmi-git 2 https://github.com/nu11secur1ty/CVE-nu11secur1ty 2 https://github.com/Froxlor/Froxlor 2 https://github.com/dompdf/php-svg-lib 2 https://github.com/reportico-web/reportico 2 https://github.com/gleez/cms 2 https://github.com/filegator/filegator 2 https://github.com/ezsystems/ezplatform-rest 2 https://github.com/mustgundogdu/Research 2 https://github.com/PHPSocialNetwork/phpfastcache 2 https://github.com/PHPOffice/PhpSpreadsheet 2 https://github.com/gongfuxiang/shopxo 2 https://github.com/PrestaShop/blockreassurance 2 https://github.com/flarum/core 2 https://github.com/YOURLS/YOURLS 2 https://github.com/phpmyadmin/composer 2 https://github.com/Admidio/admidio 2 https://github.com/phpbb/phpbb 2 https://github.com/z-song/laravel-admin 2 https://github.com/zoujingli/ThinkAdmin 2 https://github.com/packbackbooks/lti-1-3-php-library 2 https://github.com/ethercreative/logs 2 https://github.com/Elgg/Elgg 2 https://github.com/wp-graphql/wp-graphql 2 https://github.com/Codiad/Codiad 2 https://github.com/squizlabs/PHP_CodeSniffer 2 https://github.com/Cockpit-HQ/Cockpit 2 https://github.com/icecoder/ICEcoder 2 https://github.com/ckeditor/ckeditor4 2 https://github.com/woocommerce/woocommerce 2 https://github.com/cecilapp/cecil 2 https://github.com/CCCCCrash/POCs 2 https://github.com/anchorcms/anchor-cms 2 https://github.com/buddypress/BuddyPress 2 https://github.com/laminas/laminas-diactoros 2 https://github.com/bolt/core 2 https://github.com/tecnickcom/TCPDF 2 https://github.com/thephpleague/commonmark 2 https://github.com/KnpLabs/snappy 2 https://github.com/thinkcmf/thinkcmf 2 https://github.com/kitodo/kitodo-presentation 2 https://github.com/apereo/phpCAS 2 https://github.com/api-platform/core 2 https://github.com/top-think/thinkphp 2 https://github.com/tpwd/ke_search 2 https://github.com/TYPO3/Fluid 2 https://github.com/TYPO3/phar-stream-wrapper 2 https://github.com/uasoft-indonesia/badaso 2 https://github.com/UniSharp/laravel-filemanager 2 https://github.com/azuracast/azuracast 2 https://github.com/aws/aws-sdk-php 2 https://github.com/verbb/image-resizer 2