Vulnerability Library

ID
Packages
Summary
Affected versions
Published
Fix
GHSA-w5mx-334j-6fwv
  • Packagist/bagisto/bagisto
Bagist Cross-site Scripting vulnerability
  • v0.1.0
  • v0.1.1
  • v0.1.2
  • v0.1.3
  • v0.1.4
  • v0.1.4-BETA1
  • v0.1.4-BETA2
  • ...
2024-03-01T18:30:23Z Fix available
GHSA-q76r-7p4q-mqpw
Cockpit CMS Cross-Site Scripting vulnerability
  • 2.7.0
2024-02-29T15:32:26Z No fix available
GHSA-v4cp-2q7v-hg9q
  • Packagist/remdex/livehelperchat
livehelperchat Server-Side Template Injection
  • 1.74
  • 1.81
  • 1.82
  • 1.83
  • 1.84
  • 1.85
  • 1.86
  • ...
2024-02-29T03:33:18Z Fix available
GHSA-3rxx-8f33-7p6p
  • Packagist/concrete5/concrete5
Concrete CMS Cross Site Request Forgery (CSRF) vulnerability
  • 8.0
  • 8.0.1
  • 8.0.2
  • 8.0.3
  • 8.1.0
  • 8.2.0
  • 8.2.0RC2
  • ...
2024-02-29T03:33:14Z Fix available
GHSA-45m2-8q7f-93wv
  • Packagist/concrete5/concrete5
Concrete CMS Cross Site Request Forgery (CSRF) vulnerability
  • 9.0.0
  • 9.0.1
  • 9.0.2
  • 9.1.0
  • 9.1.1
  • 9.1.2
  • 9.1.3
  • ...
2024-02-29T03:33:14Z Fix available
GHSA-9xxv-q6pp-96wq
  • Packagist/concrete5/concrete5
Concrete CMS Stored XSS
  • 9.0.0
  • 9.0.1
  • 9.0.2
  • 9.1.0
  • 9.1.1
  • 9.1.2
  • 9.1.3
  • ...
2024-02-29T03:33:14Z Fix available
GHSA-x577-gcc9-9xjj
  • Packagist/concrete5/concrete5
Concrete CMS Stored XSS in Layout Preset Name
  • 8.0
  • 8.0.1
  • 8.0.2
  • 8.0.3
  • 8.1.0
  • 8.2.0
  • 8.2.0RC2
  • ...
2024-02-29T03:33:14Z Fix available
GHSA-gp6m-fq6h-cjcx
  • Packagist/openmage/magento-lts
Magento LTS vulnerable to stored XSS in admin file form
  • v20.0.0
  • v20.0.1
  • v20.0.10
  • v20.0.11
  • v20.0.12
  • v20.0.13
  • v20.0.14
  • ...
2024-02-27T21:47:58Z Fix available
GHSA-q4qh-8pxw-r48q
  • Packagist/intelliants/subrion
Subrion CMS vulnerable to Cross Site Scripting
  • v4.0.0
  • v4.0.1
  • v4.0.2
  • v4.0.3
  • v4.0.4
  • v4.0.5
  • v4.1.0
  • ...
2024-02-27T18:31:01Z No fix available
GHSA-xxf8-fpmr-fw7v
  • Packagist/intelliants/subrion
Subrion CMS vulnerable to SQL Injection
  • v4.0.0
  • v4.0.1
  • v4.0.2
  • v4.0.3
  • v4.0.4
  • v4.0.5
  • v4.1.0
  • ...
2024-02-27T18:31:01Z No fix available
GHSA-7p7q-fjfw-v3gf
  • Packagist/bagisto/bagisto
Bagisto Cross-Site Request Forgery vulnerability
  • v0.1.0
  • v0.1.1
  • v0.1.2
  • v0.1.3
  • v0.1.4
  • v0.1.4-BETA1
  • v0.1.4-BETA2
  • ...
2024-02-27T00:32:04Z Fix available
GHSA-63h4-w25c-3qv4
  • Packagist/getkirby/cms
Kirby vulnerable to Cross-site scripting (XSS) in the link field "Custom" type
  • 4.0.0
  • 4.0.1
  • 4.0.2
  • 4.0.3
  • 4.1.0
  • 4.1.0-rc.1
  • 4.1.0-rc.2
  • ...
2024-02-26T20:01:08Z Fix available
GHSA-57f2-8p89-66x6
  • Packagist/getkirby/cms
Kirby vulnerable to self cross-site scripting (self-XSS) in the URL field
  • 3.0.0
  • 3.0.1
  • 3.0.1-rc.1
  • 3.0.2
  • 3.0.2-rc.1
  • 3.0.3
  • 3.0.3-rc.1
  • ...
2024-02-26T17:19:27Z Fix available
GHSA-xrvh-rvc4-5m43
  • Packagist/getkirby/cms
Kirby vulnerable to unrestricted file upload of user avatar images
  • 3.0.0
  • 3.0.1
  • 3.0.1-rc.1
  • 3.0.2
  • 3.0.2-rc.1
  • 3.0.3
  • 3.0.3-rc.1
  • ...
2024-02-26T16:22:12Z Fix available
GHSA-wfm3-gq9h-mrjm
  • Packagist/appwrite/server-ce
Appwrite Directory Traversal vulnerability
  • 0.10.0
  • 0.10.1
  • 0.10.2
  • 0.10.3
  • 0.10.4
  • 0.11.0
  • 0.11.1
  • ...
2024-02-23T00:30:33Z Fix available
GHSA-66c2-p8rh-qx87
  • Packagist/baserproject/basercms
baserCMS Cross-site Scripting vulnerability in Site search Feature
  • 0.0.1
  • 0.0.2
  • 0.0.3
  • 0.0.4
  • 0.0.5
  • 0.0.6
  • 0.0.7
  • ...
2024-02-22T19:43:32Z Fix available