OSV

GHSA-gvg8-r8w2-9gfj

Packagist/thorsten/phpmyfaq

phpMyFAQ Improper Input Validation vulnerability

2.10.0-alpha
2.8.0
2.8.0-RC
2.8.0-RC2
2.8.0-RC3
2.8.0-RC4
2.8.0-alpha2
...

2023-03-31T22:48:08.253859Z

Fix available

GHSA-4wfc-ghv5-2v7j

Packagist/thorsten/phpmyfaq

phpMyFAQ Stored Cross-site Scripting vulnerability

2.10.0-alpha
2.8.0
2.8.0-RC
2.8.0-RC2
2.8.0-RC3
2.8.0-RC4
2.8.0-alpha2
...

2023-03-31T22:47:15.982051Z

Fix available

GHSA-7q9c-f2v8-j8gw

Packagist/thorsten/phpmyfaq

phpMyFAQ Stored Cross-site Scripting vulnerability

2.10.0-alpha
2.8.0
2.8.0-RC
2.8.0-RC2
2.8.0-RC3
2.8.0-RC4
2.8.0-alpha2
...

2023-03-31T22:46:49.827742Z

Fix available

GHSA-hp8m-g55r-9cfq

Packagist/thorsten/phpmyfaq

phpMyFAQ Cross-site Scripting vulnerability

2.10.0-alpha
2.8.0
2.8.0-RC
2.8.0-RC2
2.8.0-RC3
2.8.0-RC4
2.8.0-alpha2
...

2023-03-31T22:46:25.290997Z

Fix available

GHSA-4p4m-5qp7-479x

Packagist/thorsten/phpmyfaq

phpMyFAQ has Weak Password Requirements

2.10.0-alpha
2.8.0
2.8.0-RC
2.8.0-RC2
2.8.0-RC3
2.8.0-RC4
2.8.0-alpha2
...

2023-03-31T22:46:00.019220Z

Fix available

GHSA-6cpg-gqgq-2rrr

Packagist/thorsten/phpmyfaq

phpMyFAQ Code Injection vulnerability

See details.

2023-03-31T22:42:07Z

Fix available

GHSA-7j4m-f87g-5r9r

Packagist/really-simple-plugins/complianz-gdpr

Complianz WordPress plugin vulnerable to cross-site scripting

v6.1.2
v6.1.3
v6.1.5
v6.1.6
v6.1.6.1
v6.2.0
v6.2.4
...

2023-03-31T22:34:22.668045Z

Fix available

GHSA-7r35-chv4-xr3r

Packagist/pimcore/pimcore

Pimcore vulnerable to Reflected XSS in Predefined Properties module in Settings

10.0.8
2.2.0
2.2.1
2.2.2
2.3.0
3.0.0
3.0.1
...

2023-03-31T17:34:08.649645Z

Fix available

GHSA-6qjm-39vh-729w

Packagist/pimcore/pimcore

Pimcore Cross-site Scripting in Predefined Asset Metadata module in Settings

10.0.8
2.2.0
2.2.1
2.2.2
2.3.0
3.0.0
3.0.1
...

2023-03-31T17:15:46.514008Z

Fix available

GHSA-hfmg-g39c-5444

Packagist/pimcore/pimcore

pimcore is vulnerable to cross-site scripting in translate module

10.0.8
2.2.0
2.2.1
2.2.2
2.3.0
3.0.0
3.0.1
...

2023-03-31T16:31:02.383705Z

Fix available

GHSA-q2x3-2f9g-h559

Packagist/moodle/moodle
Packagist/moodle/moodle
Packagist/moodle/moodle
Packagist/moodle/moodle

Moodle's Mustache pix helper contained a potential Mustache injection risk if combined with user input

v4.1.0
v4.1.1
v4.0.0
v4.0.1
v4.0.2
v4.0.3
v4.0.4
...

2023-03-31T16:16:16.416167Z

Fix available

GHSA-9jc5-9wh5-mc36

Packagist/concrete5/concrete5
Packagist/concrete5/concrete5

Concrete CMS vulnerable to Cross-site Scripting

8.0
8.0.1
8.0.2
8.0.3
8.1.0
8.2.0
8.2.0RC2
...

2023-03-31T16:02:29.041289Z

Fix available

GHSA-8c2c-jxwj-jqgf

Packagist/spatie/browsershot

Browsershot does not validate URL protocols passed to Browsershot URL method

0.1.0
0.1.1
0.1.2
0.1.3
1.0.0
1.1.0
1.2.0
...

2023-03-31T00:29:32.291602Z

Fix available

GHSA-86pv-95mj-7w5f

Packagist/mautic/core

Stored XSS vulnerability on Bounce Management Callback

1.0.0
1.0.0-beta
1.0.0-beta2
1.0.0-beta3
1.0.0-beta4
1.0.0-rc1
1.0.0-rc2
...

2023-03-31T00:29:18.870716Z

Fix available

GHSA-2wxv-3g4v-p76p

Packagist/phpsysinfo/phpsysinfo

phpSysInfo allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) sequence

v3.1.13
v3.1.14
v3.1.15
v3.1.16
v3.1.17
v3.2.0
v3.2.1
...

2023-03-30T21:01:03.208859Z

Fix available

GHSA-3r5c-h7g6-cqw7

Packagist/pimcore/pimcore

pimcore is vulnerable to cross-site scripting in classes module

10.0.8
2.2.0
2.2.1
2.2.2
2.3.0
3.0.0
3.0.1
...

2023-03-30T20:44:21.460516Z

Fix available

Vulnerability Library