Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • H
Cross-site Scripting (XSS)
erik-dubbelboer/php-redis-admin <1.13.2 Composer 16 Oct, 2020
  • H
SQL Injection
phpmyadmin/phpmyadmin >=4.9.0, <4.9.6,>=5.0.0, <5.0.3 Composer 11 Oct, 2020
  • H
Cross-site Scripting (XSS)
phpmyadmin/phpmyadmin >=4.9.0 <4.9.6,>=5.0.0 <5.0.3 Composer 11 Oct, 2020
  • M
Cross-site Scripting (XSS)
typo3fluid/fluid >=2.0.0, <2.0.5,>=2.1.0, <2.1.4,>=2.2.0, <2.2.1,>=2.3.0, <2.3.5,>=2.4.0, <2.4.1,>=2.5.0, <2.5.5,>=2.6.0, <2.6.1 Composer 09 Oct, 2020
  • M
Cross-site Scripting (XSS)
pterodactyl/panel <0.7.19,<1.0.0-rc.7 Composer 09 Oct, 2020
  • M
Cross-site Request Forgery (CSRF)
pyrocms/pyrocms >=0.0.0 Composer 08 Oct, 2020
  • M
Cross-site Request Forgery (CSRF)
pyrocms/pyrocms >=0.0.0 Composer 08 Oct, 2020
  • M
Cross-site Scripting (XSS)
impresscms/impresscms <1.4.1 Composer 08 Oct, 2020
  • H
Improper Input Validation
contao/core <4.4.52,>=4.9, <4.9.66,>=4.10, <4.10.1 Composer 08 Oct, 2020
  • M
Object Injection
ezsystems/ezpublish-legacy >=2019.3.0, <2019.3.5.1,>=2017.12.0, <2017.12.7.3 Composer 06 Oct, 2020
  • H
Remote Code Execution (RCE)
nette/application >=2.2.0, <2.2.10,>=2.3.0, <2.3.14,>=2.4.0, <2.4.16,>=3.0.0, <3.0.6 Composer 05 Oct, 2020
  • H
Cross-site Scripting (XSS)
contao/contao >=4.0.0, <4.4.52,>=4.5.0, <4.9.6,>=4.10.0, <4.10.1 Composer 02 Oct, 2020
  • M
Access Restriction Bypass
mediawiki/core >=0.0.0 Composer 29 Sep, 2020
  • L
Information Exposure
mediawiki/core >=0.0.0 Composer 29 Sep, 2020
  • H
Cross-site Scripting (XSS)
mediawiki/core >=1.31.0, <1.31.10,>=1.32.0, <1.34.4 Composer 28 Sep, 2020
  • H
Cross-site Scripting (XSS)
mediawiki/core >=1.31.0, <1.31.10,>=1.32.0, <1.34.4 Composer 28 Sep, 2020
  • M
Cross-site Scripting (XSS)
mediawiki/core >=1.31.0, <1.31.10,>=1.32.0, <1.34.4 Composer 28 Sep, 2020
  • M
Cross-site Scripting (XSS)
mediawiki/core >=1.32.0, <1.34.4,>=1.31.0, <1.31.9 Composer 28 Sep, 2020
  • H
Improper Input Validation
livewire/livewire >=2.2.4, <2.2.6 Composer 24 Sep, 2020
  • M
Insecure Encryption
glpi/glpi <9.5.0 Composer 24 Sep, 2020
  • M
Cross-site Scripting (XSS)
shopware/platform <6.3.1.1 Composer 24 Sep, 2020
  • M
Cross-site Scripting (XSS)
shopware/core <6.3.1.1 Composer 24 Sep, 2020
  • H
Improper Input Validation
livewire/livewire >=2.2.5, <2.2.6 Composer 24 Sep, 2020
  • M
Arbitrary Code Execution
shopware/platform <6.3.1.1 Composer 24 Sep, 2020
  • M
Arbitrary Code Execution
shopware/core <6.3.1.1 Composer 24 Sep, 2020
  • H
Cross-site Scripting (XSS)
silverstripe-australia/advancedreports >=1.1.1 Composer 21 Sep, 2020
  • M
Access Restriction Bypass
drupal/drupal >=8.0.0, <8.1.0,>=8.1.0, <8.2.0,>=8.2.0, <8.3.0,>=8.3.0, <8.4.0,>=8.4.0, <8.5.0,>=8.5.0, <8.6.0,>=8.6.0, <8.7.0,>=8.7.0, <8.8.0,>=8.8.0, <8.8.10,>=8.9.0, <8.9.6,>=9.0.0, <9.0.6 Composer 18 Sep, 2020
  • M
Information Disclosure
drupal/drupal >=8.0.0, <8.1.0,>=8.1.0, <8.2.0,>=8.2.0, <8.3.0,>=8.3.0, <8.4.0,>=8.4.0, <8.5.0,>=8.5.0, <8.6.0,>=8.6.0, <8.7.0,>=8.7.0, <8.8.0,>=8.8.0, <8.8.10,>=8.9.0, <8.9.6,>=9.0.0, <9.0.6 Composer 18 Sep, 2020
  • H
Cross-site Scripting (XSS)
drupal/drupal >=8.0.0, <8.1.0,>=8.1.0, <8.2.0,>=8.2.0, <8.3.0,>=8.3.0, <8.4.0,>=8.4.0, <8.5.0,>=8.5.0, <8.6.0,>=8.6.0, <8.7.0,>=8.7.0, <8.8.0,>=8.8.0, <8.8.10,>=8.9.0, <8.9.6,>=9.0.0, <9.0.6 Composer 18 Sep, 2020
  • H
Cross-site Scripting (XSS)
drupal/drupal >=8.0.0, <8.1.0,>=8.1.0, <8.2.0,>=8.2.0, <8.3.0,>=8.3.0, <8.4.0,>=8.4.0, <8.5.0,>=8.5.0, <8.6.0,>=8.6.0, <8.7.0,>=8.7.0, <8.8.0,>=8.8.0, <8.8.10,>=8.9.0, <8.9.6,>=9.0.0, <9.0.6 Composer 18 Sep, 2020