packagist
Security Advisories in packagist
Moderate
about 7 hours ago
EGroupware Vulnerable to Local File Inclusion via file:// URI in Mail Compose
packagist
egroupware/egroupware
High
about 7 hours ago
EGroupware has Authenticated RCE via Malicious eTemplate Upload
packagist
egroupware/egroupware
Critical
about 7 hours ago
EGroupware has a Remote Code Execution Vulnerability
packagist
egroupware/egroupware
High
about 22 hours ago
Craft CMS: Potential authenticated Remote Code Execution via referrer redirect
packagist
craftcms/cms
Moderate
about 22 hours ago
Craft CMS: Stored XSS via Structure entry title in table view
packagist
craftcms/cms
Moderate
about 22 hours ago
Craft CMS: Sensitive File Disclosure / Server-Side File Read
packagist
craftcms/cms
High
about 22 hours ago
Craft CMS: DOM XSS via GitHub issue title in CraftSupport widget
packagist
craftcms/cms
Moderate
about 23 hours ago
Craft CMS: Authenticated "assets/preview-thumb" discloses signed fallback transform preview link to CP users without asset-view permission
packagist
craftcms/cms
Critical
1 day ago
Formie Hidden field defaults vulnerable to Server-Side Template Injection
packagist
verbb/formie
High
5 days ago
SimpleSAMLphp SP accepts a response from an unexpected IdP when unsigned `Response/InResponseTo` is combined with a signed assertion lacking `SubjectConfirmationData/InResponseTo`
packagist
simplesamlphp/simplesamlphp
Low
5 days ago
Kimai Favorite Timesheet Add and Remove Endpoints Allows Cross-User Bookmark Manipulation
packagist
kimai/kimai
High
5 days ago
SimpleSAMLphp has Possible DoS via XPath Transform
packagist
simplesamlphp/saml2-legacy, simplesamlphp/saml2
High
5 days ago
SimpleSAMLphp HTTP-Artifact TLS validator confusion allows cross-IdP authentication bypass
packagist
simplesamlphp/saml2-legacy, simplesamlphp/saml2
High
5 days ago
Craft CMS Vulnerable to Unauthorized Deletion of Destination Folders During Forced Moves
packagist
craftcms/cms
High
5 days ago
Craft CMS's mass assignment via id in newAttributes during bulk duplicate overwrites existing elements
packagist
craftcms/cms
Moderate
5 days ago
Mautic has Stored Cross-Site Scripting (XSS) in Project Option Selector
packagist
mautic/core
High
5 days ago
Mautic has Stored Cross-Site Scripting (XSS) in Projects Component
packagist
mautic/core
Critical
5 days ago
Mautic has Server-Side Template Injection (SSTI) in Theme Templates
packagist
mautic/core
Moderate
5 days ago
Froxlor customer can create MySQL databases on disallowed servers via Mysqls.add API
packagist
froxlor/froxlor
Moderate
5 days ago
Froxlor: Authenticated customers can read other customers' allowed sender aliases
packagist
froxlor/froxlor
High
5 days ago
Craft CMS: Missing peer-permission check in `AssetsController::actionDeleteFolder` allows deletion of other users' assets
packagist
craftcms/cms
Moderate
5 days ago
Craft CMS: Unauthorized Deletion of Source Assets During File Replacement
packagist
craftcms/cms
Moderate
5 days ago
Craft CMS: Authorization bypass in `entries/move-to-section` via missing target-section save check
packagist
craftcms/cms
High
5 days ago
Craft CMS: Authorship spoofing in `entries/save-entry` via pre-check/post-mutation authorization gap
packagist
craftcms/cms
High
5 days ago
mediawiki/maps has stored XSS through the overlays parameter in the display_map parser function
packagist
mediawiki/maps
High
6 days ago
Twig: Sandbox filter, tag and function allow-list bypass when sandbox state changes between renders for a cached `Template`
packagist
twig/twig
Low
6 days ago
Schema.org has cross-site scripting (XSS) via script break-out in toScript() output
packagist
spatie/schema-org
Moderate
6 days ago
EasyAdminBundle has path traversal and reflected XSS in Flag and Icon Twig components
packagist
easycorp/easyadmin-bundle
Moderate
7 days ago
Paymenter has race condition in payWithCredit() that enables credit double-spend
packagist
paymenter/paymenter
Moderate
7 days ago
Twig: Sandbox property allowlist bypass via the `column` filter under `SourcePolicyInterface`
packagist
twig/twig
Moderate
7 days ago
Twig: Sandbox `__toString()` policy bypass via `Traversable` in `join` and `replace` filters
packagist
twig/twig
Moderate
7 days ago
Twig: Sandbox `__toString()` policy bypass via dynamic mapping keys
packagist
twig/twig
Low
7 days ago
Twig: Sandbox state regression in deprecated internal wrappers in `src/Resources/core.php`
packagist
twig/twig
High
7 days ago
Paymenter has URL parameter injection that bypasses paid plan limits at checkout
packagist
paymenter/paymenter
Low
11 days ago
Statamic CMS's incorrect authorization lets view-only users submit Live Preview content reserved for editors
packagist
statamic/cms
Moderate
11 days ago
Statamic Vulnerable to CSV formula injection in form submission exports
packagist
statamic/cms
Moderate
11 days ago
Statamic Vulnerable to Server-Side Request Forgery via Glide (DNS rebinding)
packagist
statamic/cms
High
11 days ago
SolidInvoice: IDOR in LiveComponent allows same-company cross-user access to API tokens and notification transport settings
packagist
solidinvoice/solidinvoice
High
11 days ago
Statamic CMS's unsafe method invocation via collection sorting allows data destruction
packagist
statamic/cms
Moderate
11 days ago
Statamic CMS: Missing authorization on Control Panel fieldtype endpoints allows disclosure of restricted resources
packagist
statamic/cms
Moderate
11 days ago
PhpWeasyPrint vulnerable to SSRF and local file disclosure via the attachment option
packagist
pontedilana/php-weasyprint
Low
11 days ago
PhpWeasyPrint vulnerable to arbitrary file deletion at shutdown via public $temporaryFiles
packagist
pontedilana/php-weasyprint
High
11 days ago
PhpWeasyPrint vulnerable to PHAR deserialization via output filename (CVE-2023-28115 case-insensitive bypass)
packagist
pontedilana/php-weasyprint
Low
11 days ago
Aimeos Pagible CMS vulnerable to Server Side Request Forgery (SSRF) via DNS rebinding in admin proxy
packagist
aimeos/pagible
High
11 days ago
php-weasyprint: shell command injection via configurable WeasyPrint binary path due to inverted is_executable() guard (mirror of KnpLabs/snappy GHSA-vpr4-p6fq-85jc)
packagist
pontedilana/php-weasyprint
High
11 days ago
phpMyFAQ has an incomplete fix for GHSA-xvp4-phqj-cjr3 — editUser() and updateUserRights() lack authorization guards
packagist
phpmyfaq/phpmyfaq, thorsten/phpmyfaq
Moderate
11 days ago
WebauthnAuthenticator leaks sensitive HTTP headers through INFO-level logs
packagist
web-auth/webauthn-symfony-bundle
Moderate
11 days ago
CakePHP: View::element() is missing a path containment check
packagist
cakephp/cakephp
High
11 days ago
PHP Standard Library: HTTP/2 server-side missing content-length validation enables request smuggling
packagist
php-standard-library/php-standard-library, php-standard-library/h2
Moderate
11 days ago
Pterodactyl Panel: Client email change endpoint allows enumeration of accounts in system
packagist
pterodactyl/panel
High
12 days ago
Filament: Multi-factor authentication (app) recovery codes can still be used multiple times via concurrent submission
packagist
filament/filament
High
14 days ago
Snipe-IT API Vulnerable to Cross-Tenant Accessory Injection
packagist
snipe/snipe-it
Low
14 days ago
Snipe-IT's S3 signature image retrieval lacks authorization before temporary URL
packagist
snipe/snipe-it
Low
14 days ago
Snipe-IT has Improper Authorization in File Deletion (IDOR)
packagist
snipe/snipe-it
Moderate
14 days ago
Snipe-IT Vulnerable to Privilege Escalation via Missing admin Permission Check in User Creation
packagist
snipe/snipe-it
Moderate
14 days ago
Snipe-IT has Multi-Tenancy Bypass via Bulk Asset Update
packagist
snipe/snipe-it
Moderate
14 days ago
Snipe-IT Vulnerable to User Account Escalation via CSV Import
packagist
snipe/snipe-it
Moderate
14 days ago
Snipe-IT's TOTP is Brute-Forceable Due to Missing Rate Limiting on `POST /two-factor`
packagist
snipe/snipe-it
Moderate
14 days ago
phpMyFAQ: Missing userHasPermission() in 4 API write endpoints (CVE-2026-24421 Incomplete Fix)
packagist
phpmyfaq/phpmyfaq, thorsten/phpmyfaq
High
14 days ago
Snipe-IT: Bulk editing users allowed `ldap_import` and `activated_in` bulk editing users
packagist
snipe/snipe-it
Moderate
14 days ago
Filament: Unauthenticated temporary file upload on auth pages
packagist
filament/filament
Moderate
14 days ago
Snipe-IT Vulnerable to Privilege Escalation for self via API Permissions Assignment
packagist
snipe/snipe-it
Low
14 days ago
phpMyFAQ has Weak Cryptography - SHA1 for Password Hashing
packagist
phpmyfaq/phpmyfaq, thorsten/phpmyfaq
Moderate
14 days ago
Filament: Unvalidated ImageColumn and ImageEntry values can be used for XSS
packagist
filament/tables, filament/infolists
Moderate
14 days ago
Filament: Timing-based user enumeration on login page
packagist
filament/filament
Moderate
14 days ago
AVideo Meet plugin: anonymous-to-admin stored XSS via unescaped participant User-Agent in getMeetInfo.json.php Participants panel
packagist
wwbn/avideo
Moderate
15 days ago
Paymenter has broken object level authorization via service reference manipulation on ticket creation
packagist
paymenter/paymenter
Moderate
15 days ago
Paymenter doesn't reset email verification status after email change
packagist
paymenter/paymenter
Moderate
15 days ago
Paymenter has Blind Unauthenticated SSRF on the Paypal gateway module
packagist
paymenter/paymenter
Moderate
15 days ago
AVideo has an Authorize.Net Webhook Signature Bypass that Enables Wallet Balance Inflation via Forged Payment Data
packagist
wwbn/avideo
High
15 days ago
AVideo Vulnerable to Unauthenticated .env File Exposure via Official Docker Compose Configuration
packagist
wwbn/avideo
Moderate
15 days ago
AVideo's Privilege Escalation via Unguarded Permission Parameters in signUp API Allows Self-Granting Upload/Stream/Meet Permissions
packagist
wwbn/avideo
Critical
15 days ago
Paymenter vulnerable to Remote Code Execution via public file uploads
packagist
paymenter/paymenter
High
18 days ago
symfony/ux-toolkit: Path Traversal Allows Arbitrary File Write and Read via Crafted Recipe Manifest
packagist
symfony/ux-toolkit
Moderate
18 days ago
symfony/ux-icons: XSS via unsanitized SVG content in local files and Iconify on-demand responses
packagist
symfony/ux-icons
High
18 days ago
StarCitizenWiki Extension Embed Video: Stored XSS via malformed src url with $wgEmbedVideoRequireConsent enabled
packagist
starcitizenwiki/embedvideo
Moderate
18 days ago
Craft Commerce: Coupon Code Brute-Force via Rate Limit Bypass
packagist
craftcms/commerce
Moderate
18 days ago
Craft Commerce: Partial Payment Amount Without Lower Bound Validation
packagist
craftcms/commerce
Critical
18 days ago
Craft CMS: Blind SSRF and Arbitrary JavaScript Injection via Host Header Poisoning in actionResourceJs
packagist
craftcms/cms
High
18 days ago
StarCitizenWiki Extension Embed Video: Stored XSS via unsanitized class passed to template
packagist
starcitizenwiki/embedvideo
High
18 days ago
StarCitizenWiki Extension Embed Video: Stored XSS via unsanitized service name in exception text
packagist
starcitizenwiki/embedvideo
Moderate
18 days ago
symfony/ux-autocomplete: XSS via unescaped AJAX response data
packagist
symfony/ux-autocomplete
Low
18 days ago
symfony/ux-live-component: CSRF Protection Bypass — Accept Header is CORS-Safelisted
packagist
symfony/ux-live-component
Low
18 days ago
symfony/ux-live-component: LiveComponentHydrator HMAC checksum lacks component and slot binding
packagist
symfony/ux-live-component
Moderate
18 days ago
symfony/ux-autocomplete: Information exposure via unescaped LIKE wildcards in EntitySearchUtil
packagist
symfony/ux-autocomplete
Moderate
18 days ago
symfony/ux-live-component: XSS via attacker-controlled child component tag
packagist
symfony/ux-live-component
Low
18 days ago
symfony/ux-live-component: Denial of service via unbounded batch action requests
packagist
symfony/ux-live-component
Moderate
18 days ago
ux-live-component: Format-less date LiveProps parsed with the permissive DateTime constructor
packagist
symfony/ux-live-component
Moderate
18 days ago
guzzlehttp/guzzle: Dot-Only Cookie Domains Match All Hosts
packagist
guzzlehttp/guzzle
Moderate
18 days ago
guzzlehttp/psr7: CRLF Injection in HTTP Start-Line Serialization
packagist
guzzlehttp/psr7
Moderate
18 days ago
guzzlehttp/guzzle: Silent HTTPS-Proxy Downgrade to Cleartext
packagist
guzzlehttp/guzzle
Filter by Severity
Filter by Package
moodle/moodle
437
magento/community-edition
361
typo3/cms
166
wwbn/avideo
144
pimcore/pimcore
131
dolibarr/dolibarr
125
typo3/cms-core
121
magento/project-community-edition
120
concrete5/concrete5
119
craftcms/cms
114
phpmyadmin/phpmyadmin
107
drupal/core
107
thorsten/phpmyfaq
105
microweber/microweber
105
librenms/librenms
100
silverstripe/framework
90
symfony/symfony
90
shopware/platform
74
drupal/drupal
71
getgrav/grav
69
mantisbt/mantisbt
65
shopware/core
65
mautic/core
57
snipe/snipe-it
57
baserproject/basercms
56
froxlor/froxlor
55
admidio/admidio
49
getkirby/cms
47
showdoc/showdoc
42
nilsteampassnet/teampass
42
intelliants/subrion
41
phpmyfaq/phpmyfaq
40
statamic/cms
37
ci4-cms-erp/ci4ms
36
shopware/shopware
33
zendframework/zendframework1
32
prestashop/prestashop
31
contao/core-bundle
31
pocketmine/pocketmine-mp
30
phpoffice/phpspreadsheet
28
mediawiki/core
28
centreon/centreon
27
funadmin/funadmin
26
openmage/magento-lts
26
cockpit-hq/cockpit
26
grumpydictator/firefly-iii
25
laravel/framework
25
twig/twig
24
typo3/cms-backend
24
magento/core
24
simplesamlphp/simplesamlphp
23
remdex/livehelperchat
23
october/system
22
tribalsystems/zenario
22
zendframework/zendframework
22
kimai/kimai
21
feehi/cms
21
craftcms/commerce
21
bagisto/bagisto
20
facturascripts/facturascripts
20
topthink/framework
19
cakephp/cakephp
19
sylius/sylius
19
contao/contao
18
forkcms/forkcms
18
genix/cms
18
yeswiki/yeswiki
18
francoisjacquet/rosariosis
17
pterodactyl/panel
17
yetiforce/yetiforce-crm
17
devcode-it/openstamanager
17
opencart/opencart
17
phpbb/phpbb
17
pimcore/admin-ui-classic-bundle
16
WWBN/AVideo
16
ec-cube/ec-cube
16
codeigniter4/framework
15
ezsystems/ezpublish-kernel
15
bolt/bolt
15
studio-42/elfinder
15
smarty/smarty
15
silverstripe/cms
15
symfony/security-http
15
TinyMCE
14
phpmailer/phpmailer
14
alextselegidis/easyappointments
14
tinymce/tinymce
14
lavalite/cms
14
modx/revolution
14
tinymce
14
feehi/feehicms
14
dompdf/dompdf
14
sulu/sulu
14
pagekit/pagekit
13
elefant/cms
13
impresscms/impresscms
13
redaxo/source
13
composer/composer
12
october/october
12
yiisoft/yii2
12
nukeviet/nukeviet
12
symfony/security
12
symfony/http-foundation
12
wallabag/wallabag
12
leantime/leantime
12
ezsystems/ezpublish-legacy
11
ssddanbrown/bookstack
10
phpseclib/phpseclib
10
spatie/browsershot
10
ezsystems/ezplatform-kernel
10
croogo/croogo
10
ezsystems/ezplatform-admin-ui
10
billz/raspap-webgui
10
roundcube/roundcubemail
10
starcitizentools/citizen-skin
9
concrete5/core
9
pimcore/customer-management-framework-bundle
9
in2code/powermail
9
kevinpapst/kimai2
9
opensource-workshop/connect-cms
9
azuracast/azuracast
9
simplesamlphp/saml2
9
in2code/femanager
9
flarum/core
9
krayin/laravel-crm
9
directmailteam/direct-mail
8
symfony/http-kernel
8
guzzlehttp/guzzle
8
silverstripe/graphql
8
codiad/codiad
8
gilacms/gila
8
tecnickcom/tcpdf
8
backdrop/backdrop
8
october/cms
8
contao/core
8
joomla/joomla-cms
8
silverstripe/admin
8
vrana/adminer
8
yourls/yourls
7
yiisoft/yii2-dev
7
shopxo/shopxo
7
passbolt/passbolt_api
7
idno/known
7
typo3/cms-form
7
getformwork/formwork
7
egroupware/egroupware
7
wpglobus/wpglobus
7
unopim/unopim
7
october/backend
7
dweeves/magmi
6
symfony/ux-live-component
6
drupal/core-recommended
6
api-platform/core
6
verbb/formie
6
icecoder/icecoder
6
typo3/html-sanitizer
6
typo3/cms-install
6
oro/platform
6
limesurvey/limesurvey
6
gleez/cms
6
zoujingli/thinkadmin
6
nystudio107/craft-seomatic
6
privatebin/privatebin
6
paymenter/paymenter
6
auth0/wordpress
6
league/commonmark
6
ibexa/admin-ui
6
processwire/processwire
6
adodb/adodb-php
6
pear/archive_tar
6
october/rain
6
tcg/voyager
5
auth0/symfony
5
ibexa/core
5
woocommerce/woocommerce
5
automad/automad
5
mineadmin/mineadmin
5
auth0/auth0-php
5
flightphp/core
5
silverstripe/assets
5
neos/flow
5
bottelet/flarepoint
5
mautic/core-lib
5
neos/neos
5
tpwd/ke_search
5
anchorcms/anchor-cms
5
code16/sharp
5
phpxmlrpc/phpxmlrpc
5
guzzlehttp/psr7
5
gugoan/economizzer
5
symfony/html-sanitizer
5
cachethq/cachet
5
typo3/flow
5
phppgadmin/phppgadmin
5
symfony/yaml
5
illuminate/database
5
juzaweb/cms
5
thinkcmf/thinkcmf
5
shopware/storefront
5
elgg/elgg
5
Filter by Repository
https://github.com/moodle/moodle
250
https://github.com/pimcore/pimcore
116
https://github.com/TYPO3/typo3
93
https://github.com/microweber/microweber
90
https://github.com/librenms/librenms
77
https://github.com/thorsten/phpmyfaq
69
https://github.com/silverstripe/silverstripe-framework
68
https://github.com/symfony/symfony
64
https://github.com/Dolibarr/dolibarr
60
https://github.com/mautic/mautic
46
https://github.com/phpmyadmin/phpmyadmin
45
https://github.com/concretecms/concretecms
44
https://github.com/shopware/platform
42
https://github.com/mantisbt/mantisbt
42
https://github.com/craftcms/cms
41
https://github.com/shopware/shopware
40
https://github.com/star7th/showdoc
39
https://github.com/magento/magento2
38
https://github.com/octobercms/october
36
https://github.com/snipe/snipe-it
30
https://github.com/contao/contao
30
https://github.com/baserproject/basercms
26
https://github.com/froxlor/froxlor
26
https://github.com/pmmp/PocketMine-MP
25
https://github.com/getgrav/grav
24
https://github.com/firefly-iii/firefly-iii
23
https://github.com/nilsteampassnet/TeamPass
23
https://github.com/PrestaShop/PrestaShop
23
https://github.com/TYPO3/TYPO3.CMS
23
https://github.com/livehelperchat/livehelperchat
23
https://github.com/PHPOffice/PhpSpreadsheet
22
https://github.com/getkirby/kirby
22
https://github.com/laravel/framework
21
https://github.com/funadmin/funadmin
20
https://github.com/intelliants/subrion
19
https://github.com/TYPO3-CMS/core
19
https://github.com/simplesamlphp/simplesamlphp
19
https://github.com/nilsteampassnet/teampass
19
https://github.com/OpenMage/magento-lts
18
https://github.com/liufee/cms
17
https://github.com/forkcms/forkcms
16
https://github.com/yetiforcecompany/yetiforcecrm
16
https://github.com/centreon/centreon
15
https://github.com/drupal/core
15
https://github.com/dompdf/dompdf
15
https://github.com/thorsten/phpMyFAQ
15
https://github.com/PHPMailer/PHPMailer
15
https://github.com/zendframework/zendframework
15
https://github.com/cockpit-hq/cockpit
14
https://github.com/pimcore/admin-ui-classic-bundle
14
https://github.com/modxcms/revolution
12
https://github.com/centreon/centreon-archived
12
https://github.com/YesWiki/yeswiki
12
https://sourceforge.net/projects/phpmyadmin.sourceforge.net
12
https://github.com/yiisoft/yii2
12
https://github.com/codeigniter4/CodeIgniter4
12
https://github.com/smarty-php/smarty
12
https://github.com/dolibarr/dolibarr
11
https://github.com/WWBN/AVideo
11
https://github.com/sulu/sulu
11
https://github.com/Leantime/leantime
11
https://github.com/top-think/framework
11
https://github.com/Studio-42/elFinder
11
https://github.com/cakephp/cakephp
11
https://github.com/Sylius/Sylius
11
https://github.com/semplon/GeniXCMS
10
https://github.com/opencart/opencart
10
https://github.com/wallabag/wallabag
10
https://github.com/bolt/bolt
10
https://github.com/tinymce/tinymce
10
https://github.com/neorazorx/facturascripts
9
https://github.com/kevinpapst/kimai2
9
https://github.com/bagisto/bagisto
9
https://github.com/statamic/cms
9
https://github.com/spatie/browsershot
9
https://github.com/pterodactyl/panel
9
https://github.com/LavaLite/cms
9
https://github.com/StarCitizenTools/mediawiki-skins-Citizen
9
https://github.com/ezsystems/ezpublish-kernel
9
https://github.com/alextselegidis/easyappointments
9
https://github.com/twigphp/Twig
8
https://github.com/Froxlor/Froxlor
8
https://github.com/tecnickcom/TCPDF
8
https://github.com/RaspAP/raspap-webgui
8
https://github.com/ezsystems/ezplatform-admin-ui
8
https://github.com/GilaCMS/gila
8
https://github.com/francoisjacquet/rosariosis
8
https://github.com/pimcore/customer-data-framework
8
https://github.com/croogo/croogo
8
https://github.com/TribalSystems/Zenario
8
https://github.com/admidio/admidio
8
https://github.com/flarum/framework
8
https://github.com/Codiad/Codiad
7
https://github.com/unopim/unopim
7
https://github.com/d4wner/Vulnerabilities-Report
7
https://github.com/composer/composer
7
https://github.com/wintercms/winter
7
https://github.com/passbolt/passbolt_api
7
https://github.com/ezsystems/ezplatform-kernel
7
https://github.com/pagekit/pagekit
7
https://github.com/auth0/auth0-PHP
6
https://github.com/guzzle/guzzle
6
https://github.com/silverstripe/silverstripe-graphql
6
https://github.com/ADOdb/ADOdb
6
https://github.com/vrana/adminer
6
https://github.com/api-platform/core
6
https://github.com/nystudio107/craft-seomatic
6
https://github.com/ezsystems/ezpublish-legacy
6
https://github.com/oroinc/orocommerce
6
https://github.com/gleez/cms
6
https://github.com/Admidio/admidio
6
https://github.com/bookstackapp/bookstack
6
https://github.com/ImpressCMS/impresscms
6
https://github.com/LimeSurvey/LimeSurvey
6
https://gitlab.com/francoisjacquet/rosariosis
6
https://github.com/in2code-de/femanager
5
https://github.com/ibexa/admin-ui
5
https://github.com/pear/Archive_Tar
5
https://github.com/contao/core
5
https://github.com/zendframework/zf1
5
https://github.com/dub-flow/vulnerability-research
5
https://github.com/Bottelet/DaybydayCRM
5
https://github.com/ibexa/core
5
https://github.com/gggeek/phpxmlrpc
5
https://github.com/oroinc/platform
5
https://github.com/getformwork/formwork
5
https://github.com/jbroadway/elefant
5
https://github.com/shopware5/shopware
5
https://github.com/nukeviet/nukeviet
5
https://github.com/thinkcmf/thinkcmf
5
https://github.com/backdrop/backdrop
5
https://github.com/in2code-de/powermail
4
https://github.com/appwrite/appwrite
4
https://github.com/zoujingli/ThinkAdmin
4
https://github.com/Sylius/SyliusResourceBundle
4
https://github.com/hieuminhnv/Zenario-CMS-last-version
4
https://github.com/progprnv/CVE-Reports
4
https://github.com/froxlor/Froxlor
4
https://github.com/yourls/yourls
4
https://github.com/codeigniter4/shield
4
https://github.com/fiveai/Cachet
4
https://github.com/pixelfed/pixelfed
4
https://github.com/phpservermon/phpservermon
4
https://github.com/ezsystems/ezplatform
4
https://github.com/reportico-web/reportico
4
https://github.com/silverstripe/silverstripe-admin
4
https://github.com/Cockpit-HQ/Cockpit
4
https://github.com/GiacoLenzo2109/MoonShine_Software_PoCs
4
https://github.com/darylldoyle/svg-sanitizer
4
https://github.com/haxtheweb/issues
4
https://github.com/ezsystems/ezplatform-richtext
4
https://github.com/TYPO3/html-sanitizer
4
https://github.com/oroinc/crm
4
https://github.com/BookStackApp/BookStack
4
https://github.com/brefphp/bref
4
https://github.com/PrivateBin/PrivateBin
4
https://github.com/crater-invoice/crater
4
https://github.com/kimai/kimai
4
https://github.com/livewire/livewire
4
https://github.com/PrestaShop/productcomments
3
https://github.com/liufee/feehicms
3
https://github.com/torrentpier/torrentpier
3
https://github.com/concrete5/concrete5
3
https://github.com/elgg/elgg
3
https://github.com/thephpleague/commonmark
3
https://github.com/artesaos/seotools
3
https://github.com/Athlon1600/php-proxy-app
3
https://github.com/ezsystems/ezplatform-http-cache
3
https://github.com/verbb/formie
3
https://github.com/PrestaShopCorp/ps_checkout
3
https://github.com/uvdesk/community-skeleton
3
https://github.com/aimeos/ai-admin-graphql
3
https://github.com/idno/known
3
https://github.com/phpbb/phpbb
3
https://github.com/Sylius/PayPalPlugin
3
https://github.com/dd3x3r/enhavo
3
https://github.com/flarum/core
3
https://github.com/ibexa/fieldtype-richtext
3
https://github.com/woocommerce/woocommerce
3
https://github.com/uasoft-indonesia/badaso
3
https://github.com/orchidsoftware/platform
3
https://github.com/grokability/snipe-it
3
https://github.com/thedevdojo/voyager
3
https://github.com/xjzzzxx/vulFound
3
https://github.com/facade/ignition
3
https://github.com/phpbb/phpbb-app
3
https://github.com/quickapps/cms
3
https://github.com/yiisoft/yii
3
https://github.com/guzzle/psr7
3
https://github.com/phpseclib/phpseclib
3
https://github.com/wikimedia/mediawiki
3
https://github.com/auth0/wordpress
3
https://github.com/UniSharp/laravel-filemanager
3
https://github.com/joomla/joomla-cms
3
https://github.com/belong2yourself/vulnerabilities
3
https://github.com/alexbsec/CVEs
3
https://github.com/notrinos/notrinoserp
3
https://github.com/qcubed/qcubed
3
https://github.com/nitsan-technologies/ns_backup
3