Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

packagist Security Advisories

Browse all Security Advisories for packagist

Loading...
Moderate
GSA_kwCzR0hTQS1naHd3LWN2NHYtaG14eM0s1w
Cross-Site Request Forgery microweber
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1oMmZqLTc3d2gtZmg1d80s0A
Cross-site Scripting in livehelperchat
Ecosystems: packagist
Packages: remdex/livehelperchat
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: almost 3 years ago
High
GSA_kwCzR0hTQS1qNTd3LTNjMzktZ3BwNc0svQ
Improper Privilege Management in Snipe-IT
Ecosystems: packagist
Packages: snipe/snipe-it
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Critical
GSA_kwCzR0hTQS12OXA5LTUzNXctNDI4Nc0shg
Prototype Pollution in litespeed.js and appwrite/server-ce
Ecosystems: packagist, npm
Packages: appwrite/server-ce, litespeed.js
Source: GitHub Advisory Database
Blast Radius: 13.3
Published: almost 3 years ago
Critical
GSA_kwCzR0hTQS1mOGZ2LWY3ODYtOTkzM80skg
Magento improper input validation vulnerability
Ecosystems: packagist
Packages: magento/community-edition
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: almost 3 years ago
High
GSA_kwCzR0hTQS0zM3dmLTRjcm0tMjMyMs0sag
Improper Access Control in librenms
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.1
Published: almost 3 years ago
High
GSA_kwCzR0hTQS1wcGZtLXJqNnAtMzhxNs0sYw
Improper Authorization in librenms
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.1
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS0yNTRxLXJxbXctdng0Nc0sYQ
Exposure of Sensitive Information to an Unauthorized Actor in librenms
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 2.0
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1najI2LWc1cWYtanJoN80sYA
Cross-site Scripting in librenms
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 1.6
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS12cHE3LW00cW0tcDJncM0sVw
Microweber vulnerable to Improper Validation of Specified Quantity in Input
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1ydzk4LTU4NDYtcHFoeM0sWA
Open redirect in microweber
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 4.3
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1oeG1yLTVndjktNnA4ds0ryw
Cross-site Scripting in librenms
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 1.6
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1xcHYyLWp4YzctMzYzOM0rzw
Exposure of Sensitive Information in snipe/snipe-it
Ecosystems: packagist
Packages: snipe/snipe-it
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Critical
GSA_kwCzR0hTQS0zODlwLWZjaHItcTJtZ80r8Q
Path Traversal in ImpressCMS
Ecosystems: packagist
Packages: impresscms/impresscms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1ycDM0LTg1eDMtMzc2NM0r8A
Cross-site Scripting in librenms
Ecosystems: packagist
Packages: librenms/librenms
Source: GitHub Advisory Database
Blast Radius: 1.8
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1oOXZjLTJwOWctNjNncM0r-w
Exposure of Sensitive Information to an Unauthorized Actor in pimcore
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 15.9
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS12NnZnLXB4dnYtZzVjcc0rwg
Improper Privilege Management in Snipe-IT
Ecosystems: packagist
Packages: snipe/snipe-it
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1mcXg4LXYzM3AtNHFjY80rtQ
Cross-site Scripting in enshrined/svg-sanitize
Ecosystems: packagist
Packages: enshrined/svg-sanitize
Source: GitHub Advisory Database
Blast Radius: 19.9
Published: almost 3 years ago
High
GSA_kwCzR0hTQS12bTM3LWo1NWotODY1Nc0rfQ
OS Command Injection in Microweber
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1yOTkyLXhwaDYtaDd4Ms0reA
Open redirect in microweber
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 4.3
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS0zbTM2LW1qd2otMzUyY80rQQ
Drupal core Cross-site Scripting (XSS) vulnerability
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: almost 3 years ago
Critical
GSA_kwCzR0hTQS12OHdyLXI2OXAtbW13eM0rQw
Unrestricted Upload of File with Dangerous Type in Drupal core
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1jNTMzLWM4NDMtNjdoOM0rSw
Drupal core Cross-site Scripting (XSS) vulnerability in ckeditor
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1qNTg2LWNqNjctdmc0cM0rQg
Cross-Site Request Forgery in Drupal core
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1tNnE1LXd2NHgtZnY2aM0rRw
Cross-site Scripting in Drupal Core
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: almost 3 years ago
High
GSA_kwCzR0hTQS1tbWpyLTVxNzQtcDNtNM0rRQ
Exposure of Resource to Wrong Sphere in Drupal Core
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: almost 3 years ago
High
GSA_kwCzR0hTQS0zeHIzLXBoanAtZzZwMs0rPA
Drupal core access bypass vulnerability
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1xZmhnLW02cjgteHhwas0rPw
Incorrect Authorization in Drupal core
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1oNjc2LXBqcjQtaGdxeM0rZg
Path Traversal in S-Cart
Ecosystems: packagist
Packages: s-cart/s-cart
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
High
GSA_kwCzR0hTQS1ncjIzLWcyNzYteGM3M80q0w
Cross Site Request Forgery in concrete5/concrete5
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS13bWo5LXhoMjQtajRneM0qhQ
Cross-site Scripting in microweber
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: almost 3 years ago
High
GSA_kwCzR0hTQS03NWpwLTg3dzItYzZ4Ms0qWQ
ThinkPHP Remote Code Execution (RCE) vulnerability
Ecosystems: packagist
Packages: topthink/framework
Source: GitHub Advisory Database
Blast Radius: 30.9
Published: almost 3 years ago
High
GSA_kwCzR0hTQS12M21yLWdwN2otcHc1d80oqQ
Possible SQL injection in tablelookupwizard Contao Extension
Ecosystems: packagist
Packages: terminal42/contao-tablelookupwizard
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZwNHgtOTRmZi0yY212
Cross-site scripting in forkcms
Ecosystems: packagist
Packages: forkcms/forkcms
Source: GitHub Advisory Database
Blast Radius: 3.7
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc0Z20tcHhoMy0yOWZx
Unrestricted Uploads in Concrete5
Ecosystems: packagist
Packages: concrete5/concrete5
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWozM2otZmcyZy1tY3Yy
Cross-Site Request Forgery in CakePHP
Ecosystems: packagist
Packages: cakephp/cakephp
Source: GitHub Advisory Database
Blast Radius: 16.1
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ2YzUtdjdody1oNWgy
Cross-site Scripting in RosarioSIS
Ecosystems: packagist
Packages: francoisjacquet/rosariosis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBxY2Ytdjh2NS1qbWNn
Zip slip in Microweber
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 5.0
Published: almost 3 years ago
High
GSA_kwCzR0hTQS01bXYyLXJ4M3EtNHcyds0pgA
Code injection in Twig
Ecosystems: packagist
Packages: twig/twig
Source: GitHub Advisory Database
Blast Radius: 45.1
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBqNGotMjg3ai1mNzQy
Cross-site Scripting in Contao
Ecosystems: packagist
Packages: contao/core-bundle, contao/core, contao/contao
Source: GitHub Advisory Database
Blast Radius: 20.0
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1jM2o4LXE1eDYtMjg1Nc0qMA
Studio 42 elFinder allows stored XSS
Ecosystems: packagist
Packages: studio-42/elfinder
Source: GitHub Advisory Database
Blast Radius: 16.9
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS0yY2pmLXc3YzQtZmhmNs0qIQ
Cross-site Scripting in Beanstalk console
Ecosystems: packagist
Packages: ptrofimov/beanstalk_console
Source: GitHub Advisory Database
Blast Radius: 5.7
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS14eHE0LTM3NDItM2gyOM0p0Q
Generation of Error Message Containing Sensitive Information in microweber
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1qanZtLTNtZnEtN2djN80pzA
Cross-site Scripting in microweber
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS03eDJoLTN2MnYtMjRwOc0pww
Cross-Site Request Forgery in microweber
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1jZzNoLXJjOXEtZzh2Oc0pwQ
Cross-site Scripting in pimcore
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1teGgzLTI2OTktOThnOc0pxg
Cross-site Scripting pimcore
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS01N3FmLTgyaGgtMmhtY80pfQ
Cross-site Scripting in LiveHelperChat
Ecosystems: packagist
Packages: remdex/livehelperchat
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS01cTV3LW1xcDYtZzJnaM0pXg
Unrestricted Upload of File with Dangerous Type in jsdecena/laracom
Ecosystems: packagist
Packages: jsdecena/laracom
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS0zMm0yLTlmNzYtNGd2OM0pOg
Business Logic Errors in SilverStripe Framework
Ecosystems: packagist
Packages: silverstripe/framework
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1najg1LXB2cDUtbXZmOc0pLQ
Cross-site Scripting in Beanstalk console
Ecosystems: packagist
Packages: ptrofimov/beanstalk_console
Source: GitHub Advisory Database
Blast Radius: 5.5
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS0yODdyLTU3NHgtZjRoNM0oGg
RosarioSIS XSS Vulnerability
Ecosystems: packagist
Packages: francoisjacquet/rosariosis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1mNzY4LThwdnEtbW02cs0oDA
Dolibarr vulnerable to Improper Validation of Specified Quantity in Input
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 3.3
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS12d3hwLTlxbWYtdzI5Oc0n3Q
Cross-site Scripting in LiveHelperChat
Ecosystems: packagist
Packages: remdex/livehelperchat
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: almost 3 years ago
High
GSA_kwCzR0hTQS12dm1yLTg4MjktNndoeM0n8Q
CSRF token missing in Symfony
Ecosystems: packagist
Packages: symfony/framework-bundle
Source: GitHub Advisory Database
Blast Radius: 38.7
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS03eDIyLXBtdzUtNjZtcc0l8w
Cross-site Scripting in showdoc
Ecosystems: packagist
Packages: showdoc/showdoc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS05Y2h4LTJ2cXctOHZxNc0oDQ
Path Traversal in the Logs plugin for Craft CMS
Ecosystems: packagist
Packages: ether/logs
Source: GitHub Advisory Database
Blast Radius: 5.3
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS01NHFxLTljaGotcnhods0nPQ
Cross-site Scripting in LiveHelperChat
Ecosystems: packagist
Packages: remdex/livehelperchat
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1qcTRwLW1xMzMtdzM3Nc0nOQ
Cross-site Scripting when rendering error messages in laminas-form
Ecosystems: packagist
Packages: laminas/laminas-form
Source: GitHub Advisory Database
Blast Radius: 18.6
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS13NGhwLXBjcDgtcWhmM80nNQ
Cross-site Scripting in livehelperchat
Ecosystems: packagist
Packages: remdex/livehelperchat
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS04d2NjLWYydnEtaDRneM0nNw
Cross-site Scripting in livehelperchat
Ecosystems: packagist
Packages: remdex/livehelperchat
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS01OXFoLWc3bTQtajltOc0m0w
Cross-site Scripting in livehelperchat
Ecosystems: packagist
Packages: remdex/livehelperchat
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS14M2czLWpoMjYtNzZjZs0m0g
Cross-site Scripting in livehelperchat
Ecosystems: packagist
Packages: remdex/livehelperchat
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS04eDQ0LXB3cjItcmdjNs0nMA
Cross-site Scripting in pimcore
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS04d2YyLTNnZ2otNzhxOc0l9Q
Improper Authentication in phpmyadmin
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 5.1
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS12Y3djLTZtcjktOG03Y80l9A
Cross-site Scripting in phpmyadmin
Ecosystems: packagist
Packages: phpmyadmin/phpmyadmin
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1wcmZmLTZqOHEtdnJ2N80mvw
Cross-site Scripting in microweber
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS0zajU4LXA3ODUtZjI3eM0mwA
Cross-site Scripting in microweber
Ecosystems: packagist
Packages: microweber/microweber
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: almost 3 years ago
Critical
GSA_kwCzR0hTQS02amhtLTR2bXgtbXI3Ns0mbA
SQL injection in Moodle
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: almost 3 years ago
Low
GSA_kwCzR0hTQS1tNDM0LW01cHYtcDM1d80mbQ
Insufficient user authorization in Moodle
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS05M3BqLTRwNjUtcW1yOc0maw
Insufficient user authorization in Moodle
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 6.1
Published: almost 3 years ago
High
GSA_kwCzR0hTQS14cGZ2LTg5dmctcjU2Ms0mag
Cross Site Request Forgery in Moodle
Ecosystems: packagist
Packages: moodle/moodle
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS02dmZ3LTc0d3ItM2NoaM0nNg
Cross-site Scripting in Crater Invoice
Ecosystems: packagist
Packages: bytefury/crater
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Critical
GSA_kwCzR0hTQS1tcnE0LTdjaDctMjQ2Nc0mqQ
Server Side Twig Template Injection
Ecosystems: packagist
Packages: prestashop/prestashop
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS03MzV2LXd4NzUteG1tbc0mmg
Cross-site Scripting in grav
Ecosystems: packagist
Packages: getgrav/grav
Source: GitHub Advisory Database
Blast Radius: 5.4
Published: almost 3 years ago
High
GSA_kwCzR0hTQS03ZzdyLWdyNDYtcTRwNc0mJA
Cross-Site Request Forgery in yetiforce
Ecosystems: packagist
Packages: yetiforce/yetiforce-crm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Critical
GSA_kwCzR0hTQS02NW1qLTdjODYtNzlqZs0mAA
Authentication Bypass in ADOdb/ADOdb
Ecosystems: packagist
Packages: adodb/adodb-php
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS03NTI4LTdqZzUtNmc2Ms0l_g
Cross-site Scripting Vulnerability in CodeIgniter4
Ecosystems: packagist
Packages: codeigniter4/framework
Source: GitHub Advisory Database
Blast Radius: 18.0
Published: almost 3 years ago
High
GSA_kwCzR0hTQS00cm1yLWMyangtdngyN80l0A
Mustache remote code injection vulnerability
Ecosystems: packagist
Packages: mustache/mustache
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1mN3E2LXh4cGgtbWZtOM0m0A
Cross-site Scripting in Pimcore
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS14aDlnLWNwM3YtcDhxNM0myA
Missing Authorization in Crater Invoice
Ecosystems: packagist
Packages: bytefury/crater
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
High
GSA_kwCzR0hTQS03N3JtLTl4OWgteGozZ80mxQ
NULL Pointer Dereference in Protocol Buffers
Ecosystems: maven, pypi, go, packagist, nuget
Packages: com.google.protobuf:protobuf-java, protobuf, github.com/protocolbuffers/protobuf, google/protobuf, Google.Protobuf
Source: GitHub Advisory Database
Blast Radius: 111.3
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS05Y3E1LXhnZzQteDQ3N80mxg
SQL Injection in showdoc
Ecosystems: packagist
Packages: showdoc/showdoc
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS00NTV3LWd2NXAtd2dnM80kXg
Cross-site Scripting in pimcore
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS01NGh3LW1oZ2gteDR2Y80kXQ
Business Logic Errors in pimcore
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS14YzQ3LTNyY2gtY3Y1N80j7A
Improper Access Control in snipe-it
Ecosystems: packagist
Packages: snipe/snipe-it
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS04bTI4LXc2eGctMzVod80jzg
Cross-Site Request Forgery (CSRF) in livehelperchat
Ecosystems: packagist
Packages: remdex/livehelperchat
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS02am1oLTlncW0tNXhyeM0jwQ
Cross-Site Request Forgery (CSRF) in livehelperchat
Ecosystems: packagist
Packages: remdex/livehelperchat
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS13M3YzLWN4cTUtOXZyNM0itA
Incorrect Default Permissions and Improper Access Control in snipe-it
Ecosystems: packagist
Packages: snipe/snipe-it
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
High
GSA_kwCzR0hTQS1qNTQ1LWZyaDMtcjlncc0jxg
SQL Injection in dolibarr
Ecosystems: packagist
Packages: dolibarr/dolibarr
Source: GitHub Advisory Database
Blast Radius: 6.5
Published: almost 3 years ago
High
GSA_kwCzR0hTQS13cHBqLTNwanItOXc3Oc0irw
crater is vulnerable to Unrestricted Upload of File with Dangerous Type
Ecosystems: packagist
Packages: bytefury/crater
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
High
GSA_kwCzR0hTQS03MjhjLTQycGMtZnd4Z80kAw
Unrestricted Upload of File with Dangerous Type in Crater
Ecosystems: packagist
Packages: bytefury/crater
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS12NTY3LXEyNjctcGhwZ80kBg
pimcore is vulnerable to Cross-site Scripting
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: almost 3 years ago
High
GSA_kwCzR0hTQS12ajl4LXc3Y2gtZjQ2cM0kBw
pimcore is vulnerable to SQL Injection
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS01cjl2LTh3NjItcjI2as0kCQ
livehelperchat is vulnerable to Cross-site Scripting
Ecosystems: packagist
Packages: remdex/livehelperchat
Source: GitHub Advisory Database
Blast Radius: 3.8
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS01N2hnLTI2aDctOXFnds0kCA
pimcore is vulnerable to Cross-site Scripting
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 13.4
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS03M3E5LTdwd2otZ200Ns0kGg
icecoder is vulnerable to Cross-site Scripting
Ecosystems: packagist
Packages: icecoder/icecoder
Source: GitHub Advisory Database
Blast Radius: 1.6
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS00eHd3LTZoN3YtMjlqZ80gyw
User enumeration in livehelperchat
Ecosystems: packagist
Packages: remdex/livehelperchat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 3 years ago
High
GSA_kwCzR0hTQS1jNjk3LXIyMjctcHE2aM0kag
Unrestricted Upload of File with Dangerous Type in pimcore
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 19.4
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS00ZjV4LXE0amMteGZjZs0kWw
Cross-site Scripting in pimcore
Ecosystems: packagist
Packages: pimcore/pimcore
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: almost 3 years ago
Statistics
Advisories: 20,742
Packages: 9,073
Repositories: 717
Ecosystems: 12
Filter by Severity
Moderate 8,854 High 7,307 Critical 3,076 Low 1,150
Filter by Ecosystem
maven 5,876 packagist 4,635 pypi 4,397 npm 3,818 go 2,303 nuget 1,552 cargo 890 rubygems 880 swift 33 hex 32 actions 21 pub 9
Filter by Package
moodle/moodle 367 magento/community-edition 235 typo3/cms 174 pimcore/pimcore 118 dolibarr/dolibarr 113 typo3/cms-core 106 microweber/microweber 94 drupal/core 92 phpmyadmin/phpmyadmin 92 silverstripe/framework 85 drupal/drupal 78 librenms/librenms 74 thorsten/phpmyfaq 70 symfony/symfony 69 concrete5/concrete5 60 shopware/platform 52 baserproject/basercms 47 craftcms/cms 46 showdoc/showdoc 40 shopware/core 40 intelliants/subrion 39 froxlor/froxlor 38 mautic/core 37 nilsteampassnet/teampass 37 snipe/snipe-it 35 zendframework/zendframework1 34 shopware/shopware 30 getgrav/grav 29 mediawiki/core 28 centreon/centreon 27 prestashop/prestashop 26 contao/core-bundle 24 magento/core 24 remdex/livehelperchat 23 simplesamlphp/simplesamlphp 23 pocketmine/pocketmine-mp 23 zendframework/zendframework 23 grumpydictator/firefly-iii 23 tribalsystems/zenario 22 getkirby/cms 22 funadmin/funadmin 20 laravel/framework 20 contao/contao 19 forkcms/forkcms 18 topthink/framework 18 cockpit-hq/cockpit 18 symfony/security 17 francoisjacquet/rosariosis 17 cakephp/cakephp 17 opencart/opencart 17 ezsystems/ezpublish-kernel 17 genix/cms 17 yetiforce/yetiforce-crm 16 openmage/magento-lts 16 typo3/cms-backend 16 phpbb/phpbb 16 symfony/security-http 15 october/system 15 ec-cube/ec-cube 15 smarty/smarty 15 phpmailer/phpmailer 14 dompdf/dompdf 14 bolt/bolt 14 silverstripe/cms 14 feehi/cms 14 impresscms/impresscms 13 lavalite/cms 13 pimcore/admin-ui-classic-bundle 13 studio-42/elfinder 13 elefant/cms 13 admidio/admidio 13 sylius/sylius 13 codeigniter4/framework 13 symfony/http-foundation 12 wwbn/avideo 12 phpoffice/phpspreadsheet 12 phpmyfaq/phpmyfaq 12 wallabag/wallabag 11 ezsystems/ezplatform-kernel 11 feehi/feehicms 11 pagekit/pagekit 11 tinymce 11 TinyMCE 11 tinymce/tinymce 11 nukeviet/nukeviet 11 ezsystems/ezpublish-legacy 10 october/october 10 ssddanbrown/bookstack 10 sulu/sulu 10 yiisoft/yii2 10 bootstrap 9 twbs/bootstrap 9 bootstrap 9 org.webjars:bootstrap 9 contao/core 9 bootstrap 9 kevinpapst/kimai2 9 concrete5/core 9 statamic/cms 9 alextselegidis/easyappointments 9 codiad/codiad 8 gilacms/gila 8 pterodactyl/panel 8 silverstripe/admin 8 twig/twig 8 pimcore/customer-management-framework-bundle 8 silverstripe/graphql 8 facturascripts/facturascripts 8 mantisbt/mantisbt 8 october/cms 8 composer/composer 8 ezsystems/ezplatform-admin-ui 8 croogo/croogo 8 flarum/core 7 october/backend 7 symfony/http-kernel 7 backdrop/backdrop 7 wpglobus/wpglobus 7 bootstrap-sass 7 bootstrap.sass 7 billz/raspap-webgui 7 passbolt/passbolt_api 7 directmailteam/direct-mail 6 in2code/femanager 6 gleez/cms 6 nystudio107/craft-seomatic 6 bagisto/bagisto 6 guzzlehttp/guzzle 6 yourls/yourls 6 oro/platform 6 phpseclib/phpseclib 6 vrana/adminer 6 yiisoft/yii2-dev 6 dweeves/magmi 6 icecoder/icecoder 6 pear/archive_tar 6 zoujingli/thinkadmin 6 symfony/security-core 5 bootstrap-sass 5 cachethq/cachet 5 phpxmlrpc/phpxmlrpc 5 woocommerce/woocommerce 5 typo3/cms-install 5 typo3/flow 5 elgg/elgg 5 kimai/kimai 5 anchorcms/anchor-cms 5 limesurvey/limesurvey 5 mautic/core-lib 5 ibexa/core 5 gugoan/economizzer 5 thinkcmf/thinkcmf 5 bottelet/flarepoint 5 neos/flow 5 neos/neos 5 silverstripe/assets 5 simplesamlphp/saml2 5 illuminate/database 5 codeigniter/framework 5 phpservermon/phpservermon 5 symfony/security-bundle 5 zendframework/zendopenid 4 bref/bref 4 oro/commerce 4 wintercms/winter 4 idno/known 4 notrinos/notrinos-erp 4 typo3/cms-frontend 4 typo3/html-sanitizer 4 ezsystems/ezplatform 4 tecnickcom/tcpdf 4 spatie/browsershot 4 reportico-web/reportico 4 ezyang/htmlpurifier 4 processwire/processwire 4 magento/product-community-edition 4 modx/revolution 4 shopxo/shopxo 4 appwrite/server-ce 4 sylius/resource-bundle 4 pyrocms/pyrocms 4 bytefury/crater 4 friendsofsymfony/user-bundle 4 adodb/adodb-php 4 evolutioncms/evolution 4 automad/automad 4 wp-premium/gravityforms 4 shopware/storefront 4 codeigniter4/shield 4 swiftmailer/swiftmailer 3 symfony/form 3 symfony/framework-bundle 3 yiisoft/yii 3 qcubed/qcubed 3 illuminate/auth 3 doctrine/orm 3 rudloff/alltube 3 getformwork/formwork 3 flarum/framework 3 pixelfed/pixelfed 3
Filter by Repository
https://github.com/moodle/moodle 218 https://github.com/pimcore/pimcore 113 https://github.com/microweber/microweber 88 https://github.com/TYPO3/typo3 74 https://github.com/thorsten/phpmyfaq 69 https://github.com/librenms/librenms 66 https://github.com/symfony/symfony 64 https://github.com/silverstripe/silverstripe-framework 64 https://github.com/Dolibarr/dolibarr 56 https://github.com/shopware/platform 43 https://github.com/concretecms/concretecms 41 https://github.com/star7th/showdoc 38 https://github.com/magento/magento2 38 https://github.com/phpmyadmin/phpmyadmin 38 https://github.com/mautic/mautic 35 https://github.com/octobercms/october 35 https://github.com/craftcms/cms 34 https://github.com/snipe/snipe-it 30 https://github.com/shopware/shopware 28 https://github.com/baserproject/basercms 26 https://github.com/froxlor/froxlor 26 https://github.com/contao/contao 25 https://github.com/TYPO3/TYPO3.CMS 24 https://github.com/getgrav/grav 24 https://github.com/livehelperchat/livehelperchat 23 https://github.com/pmmp/PocketMine-MP 23 https://github.com/firefly-iii/firefly-iii 23 https://github.com/PrestaShop/PrestaShop 22 https://github.com/funadmin/funadmin 20 https://github.com/simplesamlphp/simplesamlphp 20 https://github.com/nilsteampassnet/teampass 19 https://github.com/getkirby/kirby 19 https://github.com/nilsteampassnet/TeamPass 18 https://github.com/intelliants/subrion 18 https://github.com/liufee/cms 17 https://github.com/yetiforcecompany/yetiforcecrm 16 https://github.com/OpenMage/magento-lts 16 https://github.com/TYPO3-CMS/core 16 https://github.com/forkcms/forkcms 16 https://github.com/laravel/framework 16 https://github.com/zendframework/zendframework 15 https://github.com/dompdf/dompdf 15 https://github.com/centreon/centreon 15 https://github.com/PHPMailer/PHPMailer 15 https://github.com/cockpit-hq/cockpit 14 https://github.com/centreon/centreon-archived 12 https://github.com/PHPOffice/PhpSpreadsheet 12 https://github.com/pimcore/admin-ui-classic-bundle 12 https://github.com/smarty-php/smarty 12 https://github.com/ezsystems/ezpublish-kernel 11 https://github.com/top-think/framework 11 https://github.com/tinymce/tinymce 11 https://github.com/thorsten/phpMyFAQ 11 https://github.com/cakephp/cakephp 11 https://github.com/drupal/core 11 https://github.com/yiisoft/yii2 11 https://github.com/Sylius/Sylius 11 https://github.com/Studio-42/elFinder 11 https://github.com/dolibarr/dolibarr 11 https://github.com/WWBN/AVideo 11 https://github.com/opencart/opencart 10 https://github.com/codeigniter4/CodeIgniter4 10 https://github.com/sulu/sulu 10 https://github.com/semplon/GeniXCMS 9 https://github.com/LavaLite/cms 9 https://github.com/bolt/bolt 9 https://github.com/neorazorx/facturascripts 9 https://github.com/kevinpapst/kimai2 9 https://github.com/alextselegidis/easyappointments 9 https://github.com/wallabag/wallabag 9 https://github.com/TribalSystems/Zenario 8 https://github.com/francoisjacquet/rosariosis 8 https://github.com/pimcore/customer-data-framework 8 https://github.com/pterodactyl/panel 8 https://github.com/Froxlor/Froxlor 8 https://github.com/statamic/cms 8 https://github.com/admidio/admidio 8 https://github.com/mantisbt/mantisbt 8 https://github.com/GilaCMS/gila 8 https://github.com/twbs/bootstrap 7 https://github.com/twigphp/Twig 7 https://github.com/RaspAP/raspap-webgui 7 https://github.com/ezsystems/ezplatform-kernel 7 https://github.com/flarum/framework 7 https://github.com/pagekit/pagekit 7 https://github.com/d4wner/Vulnerabilities-Report 7 https://github.com/passbolt/passbolt_api 7 https://github.com/croogo/croogo 7 https://github.com/Codiad/Codiad 7 https://github.com/composer/composer 7 https://github.com/ezsystems/ezplatform-admin-ui 6 https://github.com/phpseclib/phpseclib 6 https://github.com/silverstripe/silverstripe-graphql 6 https://github.com/bookstackapp/bookstack 6 https://github.com/guzzle/guzzle 6 https://github.com/nystudio107/craft-seomatic 6 https://github.com/ezsystems/ezpublish-legacy 6 https://github.com/gleez/cms 6 https://github.com/oroinc/orocommerce 6 https://github.com/wintercms/winter 6 https://github.com/LimeSurvey/LimeSurvey 6 https://github.com/ImpressCMS/impresscms 6 https://gitlab.com/francoisjacquet/rosariosis 6 https://github.com/vrana/adminer 6 https://github.com/jbroadway/elefant 5 https://github.com/oroinc/platform 5 https://github.com/dub-flow/vulnerability-research 5 https://github.com/gggeek/phpxmlrpc 5 https://sourceforge.net/projects/phpmyadmin.sourceforge.net 5 https://github.com/Admidio/admidio 5 https://github.com/zendframework/zf1 5 https://github.com/nukeviet/nukeviet 5 https://github.com/contao/core 5 https://github.com/Bottelet/DaybydayCRM 5 https://github.com/backdrop/backdrop 5 https://github.com/thinkcmf/thinkcmf 5 https://github.com/ibexa/core 5 https://github.com/shopware5/shopware 5 https://github.com/pear/Archive_Tar 5 https://github.com/ezsystems/ezplatform 4 https://github.com/oroinc/crm 4 https://github.com/Sylius/SyliusResourceBundle 4 https://github.com/fiveai/Cachet 4 https://github.com/ADOdb/ADOdb 4 https://github.com/yourls/yourls 4 https://github.com/crater-invoice/crater 4 https://github.com/kimai/kimai 4 https://github.com/zoujingli/ThinkAdmin 4 https://github.com/reportico-web/reportico 4 https://github.com/bagisto/bagisto 4 https://github.com/hieuminhnv/Zenario-CMS-last-version 4 https://github.com/phpservermon/phpservermon 4 https://github.com/silverstripe/silverstripe-admin 4 https://github.com/BookStackApp/BookStack 4 https://github.com/spatie/browsershot 4 https://github.com/TYPO3/html-sanitizer 4 https://github.com/brefphp/bref 4 https://github.com/appwrite/appwrite 4 https://github.com/codeigniter4/shield 4 https://github.com/concrete5/concrete5 3 https://github.com/phpbb/phpbb-app 3 https://github.com/facade/ignition 3 https://github.com/phpbb/phpbb 3 https://github.com/verbb/comments 3 https://github.com/elgg/elgg 3 https://github.com/xjzzzxx/vulFound 3 https://github.com/PrivateBin/PrivateBin 3 https://github.com/FriendsOfSymfony/FOSUserBundle 3 https://github.com/PrestaShop/productcomments 3 https://github.com/pixelfed/pixelfed 3 https://github.com/alexbsec/CVEs 3 https://github.com/darylldoyle/svg-sanitizer 3 https://github.com/flarum/core 3 https://github.com/dd3x3r/enhavo 3 https://github.com/idno/known 3 https://github.com/modxcms/revolution 3 https://github.com/in2code-de/femanager 3 https://github.com/in2code-de/powermail 3 https://github.com/ezsystems/ezplatform-richtext 3 https://github.com/belong2yourself/vulnerabilities 3 https://github.com/notrinos/notrinoserp 3 https://github.com/guzzle/psr7 3 https://github.com/tecnickcom/TCPDF 3 https://github.com/quickapps/cms 3 https://github.com/TYPO3-Solr/ext-solr 3 https://github.com/Athlon1600/php-proxy-app 3 https://github.com/wikimedia/mediawiki 3 https://github.com/qcubed/qcubed 3 https://github.com/Rudloff/alltube 3 https://github.com/livewire/livewire 3 https://github.com/orchidsoftware/platform 3 https://github.com/uvdesk/community-skeleton 3 https://github.com/liufee/feehicms 3 https://github.com/artesaos/seotools 3 https://github.com/woocommerce/woocommerce 3 https://github.com/getformwork/formwork 3 https://github.com/aimeos/ai-admin-graphql 3 https://github.com/Elgg/Elgg 2 https://github.com/ezsystems/repository-forms 2 https://github.com/ezsystems/ezplatform-rest 2 https://github.com/robrichards/xmlseclibs 2 https://github.com/sartlabs/0days 2 https://github.com/ethercreative/logs 2 https://github.com/Ek-Saini/security 2 https://github.com/firebase/php-jwt 2 https://github.com/filegator/filegator 2 https://github.com/ptrofimov/beanstalk_console 2 https://github.com/filamentphp/filament 2 https://github.com/pyrocms/pyrocms 2 https://github.com/nu11secur1ty/CVE-nu11secur1ty 2 https://github.com/nette/latte 2 https://github.com/helloxz/imgurl 2 https://github.com/hieuminhnv/Zenario-CMS-9.0-last-version 2 https://github.com/mustgundogdu/Research 2 https://github.com/munkireport/munkireport-php 2 https://github.com/ibexa/admin-ui 2 https://github.com/icecoder/ICEcoder 2 https://github.com/z-song/laravel-admin 2 https://github.com/marcantondahmen/automad 2