Vulnerability Library

ID
Packages
Summary
Affected versions
Last modified
Fix
GHSA-gvg8-r8w2-9gfj
  • Packagist/thorsten/phpmyfaq
phpMyFAQ Improper Input Validation vulnerability
  • 2.10.0-alpha
  • 2.8.0
  • 2.8.0-RC
  • 2.8.0-RC2
  • 2.8.0-RC3
  • 2.8.0-RC4
  • 2.8.0-alpha2
  • ...
2023-03-31T22:48:08.253859Z Fix available
GHSA-4wfc-ghv5-2v7j
  • Packagist/thorsten/phpmyfaq
phpMyFAQ Stored Cross-site Scripting vulnerability
  • 2.10.0-alpha
  • 2.8.0
  • 2.8.0-RC
  • 2.8.0-RC2
  • 2.8.0-RC3
  • 2.8.0-RC4
  • 2.8.0-alpha2
  • ...
2023-03-31T22:47:15.982051Z Fix available
GHSA-7q9c-f2v8-j8gw
  • Packagist/thorsten/phpmyfaq
phpMyFAQ Stored Cross-site Scripting vulnerability
  • 2.10.0-alpha
  • 2.8.0
  • 2.8.0-RC
  • 2.8.0-RC2
  • 2.8.0-RC3
  • 2.8.0-RC4
  • 2.8.0-alpha2
  • ...
2023-03-31T22:46:49.827742Z Fix available
GHSA-hp8m-g55r-9cfq
  • Packagist/thorsten/phpmyfaq
phpMyFAQ Cross-site Scripting vulnerability
  • 2.10.0-alpha
  • 2.8.0
  • 2.8.0-RC
  • 2.8.0-RC2
  • 2.8.0-RC3
  • 2.8.0-RC4
  • 2.8.0-alpha2
  • ...
2023-03-31T22:46:25.290997Z Fix available
GHSA-4p4m-5qp7-479x
  • Packagist/thorsten/phpmyfaq
phpMyFAQ has Weak Password Requirements
  • 2.10.0-alpha
  • 2.8.0
  • 2.8.0-RC
  • 2.8.0-RC2
  • 2.8.0-RC3
  • 2.8.0-RC4
  • 2.8.0-alpha2
  • ...
2023-03-31T22:46:00.019220Z Fix available
GHSA-6cpg-gqgq-2rrr
  • Packagist/thorsten/phpmyfaq
phpMyFAQ Code Injection vulnerability
  • See details.
2023-03-31T22:42:07Z Fix available
GHSA-7j4m-f87g-5r9r
  • Packagist/really-simple-plugins/complianz-gdpr
Complianz WordPress plugin vulnerable to cross-site scripting
  • v6.1.2
  • v6.1.3
  • v6.1.5
  • v6.1.6
  • v6.1.6.1
  • v6.2.0
  • v6.2.4
  • ...
2023-03-31T22:34:22.668045Z Fix available
GHSA-7r35-chv4-xr3r
  • Packagist/pimcore/pimcore
Pimcore vulnerable to Reflected XSS in Predefined Properties module in Settings
  • 10.0.8
  • 2.2.0
  • 2.2.1
  • 2.2.2
  • 2.3.0
  • 3.0.0
  • 3.0.1
  • ...
2023-03-31T17:34:08.649645Z Fix available
GHSA-6qjm-39vh-729w
  • Packagist/pimcore/pimcore
Pimcore Cross-site Scripting in Predefined Asset Metadata module in Settings
  • 10.0.8
  • 2.2.0
  • 2.2.1
  • 2.2.2
  • 2.3.0
  • 3.0.0
  • 3.0.1
  • ...
2023-03-31T17:15:46.514008Z Fix available
GHSA-hfmg-g39c-5444
  • Packagist/pimcore/pimcore
pimcore is vulnerable to cross-site scripting in translate module
  • 10.0.8
  • 2.2.0
  • 2.2.1
  • 2.2.2
  • 2.3.0
  • 3.0.0
  • 3.0.1
  • ...
2023-03-31T16:31:02.383705Z Fix available
GHSA-q2x3-2f9g-h559
  • Packagist/moodle/moodle
  • Packagist/moodle/moodle
  • Packagist/moodle/moodle
  • Packagist/moodle/moodle
Moodle's Mustache pix helper contained a potential Mustache injection risk if combined with user input
  • v4.1.0
  • v4.1.1
  • v4.0.0
  • v4.0.1
  • v4.0.2
  • v4.0.3
  • v4.0.4
  • ...
2023-03-31T16:16:16.416167Z Fix available
GHSA-9jc5-9wh5-mc36
  • Packagist/concrete5/concrete5
  • Packagist/concrete5/concrete5
Concrete CMS vulnerable to Cross-site Scripting
  • 8.0
  • 8.0.1
  • 8.0.2
  • 8.0.3
  • 8.1.0
  • 8.2.0
  • 8.2.0RC2
  • ...
2023-03-31T16:02:29.041289Z Fix available
GHSA-8c2c-jxwj-jqgf
  • Packagist/spatie/browsershot
Browsershot does not validate URL protocols passed to Browsershot URL method
  • 0.1.0
  • 0.1.1
  • 0.1.2
  • 0.1.3
  • 1.0.0
  • 1.1.0
  • 1.2.0
  • ...
2023-03-31T00:29:32.291602Z Fix available
GHSA-86pv-95mj-7w5f
  • Packagist/mautic/core
Stored XSS vulnerability on Bounce Management Callback
  • 1.0.0
  • 1.0.0-beta
  • 1.0.0-beta2
  • 1.0.0-beta3
  • 1.0.0-beta4
  • 1.0.0-rc1
  • 1.0.0-rc2
  • ...
2023-03-31T00:29:18.870716Z Fix available
GHSA-2wxv-3g4v-p76p
  • Packagist/phpsysinfo/phpsysinfo
phpSysInfo allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) sequence
  • v3.1.13
  • v3.1.14
  • v3.1.15
  • v3.1.16
  • v3.1.17
  • v3.2.0
  • v3.2.1
  • ...
2023-03-30T21:01:03.208859Z Fix available
GHSA-3r5c-h7g6-cqw7
  • Packagist/pimcore/pimcore
pimcore is vulnerable to cross-site scripting in classes module
  • 10.0.8
  • 2.2.0
  • 2.2.1
  • 2.2.2
  • 2.3.0
  • 3.0.0
  • 3.0.1
  • ...
2023-03-30T20:44:21.460516Z Fix available