Vulnerability Database
Blog
FAQ
Vulnerability Library
search
All ecosystems
43993
Alpine
3151
Android
582
crates.io
1104
Debian
9120
GitHub Actions
8
Go
1323
Hex
21
Linux
13573
Maven
3332
npm
2869
NuGet
262
OSS-Fuzz
2742
Packagist
1434
Pub
4
PyPI
3840
RubyGems
628
ID
Packages
Summary
Affected versions
Last modified
Fix
GHSA-gvg8-r8w2-9gfj
Packagist/thorsten/phpmyfaq
phpMyFAQ Improper Input Validation vulnerability
2.10.0-alpha
2.8.0
2.8.0-RC
2.8.0-RC2
2.8.0-RC3
2.8.0-RC4
2.8.0-alpha2
...
2023-03-31T22:48:08.253859Z
Fix available
GHSA-4wfc-ghv5-2v7j
Packagist/thorsten/phpmyfaq
phpMyFAQ Stored Cross-site Scripting vulnerability
2.10.0-alpha
2.8.0
2.8.0-RC
2.8.0-RC2
2.8.0-RC3
2.8.0-RC4
2.8.0-alpha2
...
2023-03-31T22:47:15.982051Z
Fix available
GHSA-7q9c-f2v8-j8gw
Packagist/thorsten/phpmyfaq
phpMyFAQ Stored Cross-site Scripting vulnerability
2.10.0-alpha
2.8.0
2.8.0-RC
2.8.0-RC2
2.8.0-RC3
2.8.0-RC4
2.8.0-alpha2
...
2023-03-31T22:46:49.827742Z
Fix available
GHSA-hp8m-g55r-9cfq
Packagist/thorsten/phpmyfaq
phpMyFAQ Cross-site Scripting vulnerability
2.10.0-alpha
2.8.0
2.8.0-RC
2.8.0-RC2
2.8.0-RC3
2.8.0-RC4
2.8.0-alpha2
...
2023-03-31T22:46:25.290997Z
Fix available
GHSA-4p4m-5qp7-479x
Packagist/thorsten/phpmyfaq
phpMyFAQ has Weak Password Requirements
2.10.0-alpha
2.8.0
2.8.0-RC
2.8.0-RC2
2.8.0-RC3
2.8.0-RC4
2.8.0-alpha2
...
2023-03-31T22:46:00.019220Z
Fix available
GHSA-6cpg-gqgq-2rrr
Packagist/thorsten/phpmyfaq
phpMyFAQ Code Injection vulnerability
See details.
2023-03-31T22:42:07Z
Fix available
GHSA-7j4m-f87g-5r9r
Packagist/really-simple-plugins/complianz-gdpr
Complianz WordPress plugin vulnerable to cross-site scripting
v6.1.2
v6.1.3
v6.1.5
v6.1.6
v6.1.6.1
v6.2.0
v6.2.4
...
2023-03-31T22:34:22.668045Z
Fix available
GHSA-7r35-chv4-xr3r
Packagist/pimcore/pimcore
Pimcore vulnerable to Reflected XSS in Predefined Properties module in Settings
10.0.8
2.2.0
2.2.1
2.2.2
2.3.0
3.0.0
3.0.1
...
2023-03-31T17:34:08.649645Z
Fix available
GHSA-6qjm-39vh-729w
Packagist/pimcore/pimcore
Pimcore Cross-site Scripting in Predefined Asset Metadata module in Settings
10.0.8
2.2.0
2.2.1
2.2.2
2.3.0
3.0.0
3.0.1
...
2023-03-31T17:15:46.514008Z
Fix available
GHSA-hfmg-g39c-5444
Packagist/pimcore/pimcore
pimcore is vulnerable to cross-site scripting in translate module
10.0.8
2.2.0
2.2.1
2.2.2
2.3.0
3.0.0
3.0.1
...
2023-03-31T16:31:02.383705Z
Fix available
GHSA-q2x3-2f9g-h559
Packagist/moodle/moodle
Packagist/moodle/moodle
Packagist/moodle/moodle
Packagist/moodle/moodle
Moodle's Mustache pix helper contained a potential Mustache injection risk if combined with user input
v4.1.0
v4.1.1
v4.0.0
v4.0.1
v4.0.2
v4.0.3
v4.0.4
...
2023-03-31T16:16:16.416167Z
Fix available
GHSA-9jc5-9wh5-mc36
Packagist/concrete5/concrete5
Packagist/concrete5/concrete5
Concrete CMS vulnerable to Cross-site Scripting
8.0
8.0.1
8.0.2
8.0.3
8.1.0
8.2.0
8.2.0RC2
...
2023-03-31T16:02:29.041289Z
Fix available
GHSA-8c2c-jxwj-jqgf
Packagist/spatie/browsershot
Browsershot does not validate URL protocols passed to Browsershot URL method
0.1.0
0.1.1
0.1.2
0.1.3
1.0.0
1.1.0
1.2.0
...
2023-03-31T00:29:32.291602Z
Fix available
GHSA-86pv-95mj-7w5f
Packagist/mautic/core
Stored XSS vulnerability on Bounce Management Callback
1.0.0
1.0.0-beta
1.0.0-beta2
1.0.0-beta3
1.0.0-beta4
1.0.0-rc1
1.0.0-rc2
...
2023-03-31T00:29:18.870716Z
Fix available
GHSA-2wxv-3g4v-p76p
Packagist/phpsysinfo/phpsysinfo
phpSysInfo allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) sequence
v3.1.13
v3.1.14
v3.1.15
v3.1.16
v3.1.17
v3.2.0
v3.2.1
...
2023-03-30T21:01:03.208859Z
Fix available
GHSA-3r5c-h7g6-cqw7
Packagist/pimcore/pimcore
pimcore is vulnerable to cross-site scripting in classes module
10.0.8
2.2.0
2.2.1
2.2.2
2.3.0
3.0.0
3.0.1
...
2023-03-30T20:44:21.460516Z
Fix available
Load more...
Packagist - OSV