Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-jv7x-xhv2-p5v2
  • Packagist/binarytorch/larecipe
 LaRecipe is vulnerable to Server-Side Template Injection attacks 11 hours ago
  • Fix available
  • Severity - 10.0 (Critical)
GHSA-q745-cfqh-hcrw
  • Packagist/james-heinrich/phpthumb
 phpThumb is vulnerable to Command Injection through its gif_outputAsJpeg function 3 days ago
  • No fix available
  • Severity - 4.9 (Medium)
GHSA-7pgw-q3qp-6pgq
  • Packagist/universal-omega/dynamic-page-list3
 DynamicPageList3 vulnerability exposes hidden/suppressed usernames 4 days ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-j4rj-fgcq-wmqp
  • Packagist/cockpit-hq/cockpit
 Cockpit - Content Platform vulnerable to XSS through name or email argument names 04 Jul
  • Fix available
  • Severity - 5.1 (Medium)
GHSA-p85q-mww9-gwqf
  • Packagist/starcitizentools/short-description
 Citizen Short Description stored XSS vulnerability through wikitext 03 Jul
  • Fix available
  • Severity - 8.6 (High)
GHSA-p9qc-8jjx-g8cg
  • Packagist/bolt/bolt
 Bolt CMS vulnerable to authenticated remote code execution 03 Jul
  • No fix available
  • Severity - 7.5 (High)
GHSA-prmv-7r8c-794g
  • Packagist/starcitizentools/citizen-skin
 Citizen vulnerable to Stored XSS through short descriptions 03 Jul
  • Fix available
  • Severity - 8.6 (High)
GHSA-rq6g-6g94-jfr4
  • Packagist/starcitizentools/citizen-skin
 starcitizentools/citizen-skin is vulnerable to Stored XSS attack in the legacy search bar through page descriptions 03 Jul
  • Fix available
  • Severity - 8.6 (High)
GHSA-j64v-xh5w-8hqj
  • Packagist/microweber/microweber
 Microweber CMS API has authenticated local file inclusion vulnerability 02 Jul
  • Fix available
  • Severity - 6.1 (Medium)
GHSA-jfj7-249r-7j2m
  • Packagist/starcitizentools/tabber-neue
 TabberNeue vulnerable to Stored XSS through wikitext 27 Jun
  • Fix available
  • Severity - 8.6 (High)
GHSA-277f-37gw-9gmq
  • Packagist/billz/raspap-webgui
 raspap-webgui has a Directory Traversal vulnerability 27 Jun
  • Fix available
  • Severity - 7.7 (High)
GHSA-mrph-pjv2-34f4
  • Packagist/juzaweb/cms
 JuzaWeb CMS is vulnerable to Incorrect Privilege Assignment when installing certain components 27 Jun
  • No fix available
  • Severity - 2.1 (Low)
GHSA-rq7x-cfmc-rq3w
  • Packagist/juzaweb/cms
 JuzaWeb CMS is vulnerable to Incorrect Privilege Assignment when installing Import Page component 27 Jun
  • No fix available
  • Severity - 2.1 (Low)
GHSA-cgvv-3455-824j
  • Packagist/moodle/moodle
 Moodle Session Fixation allows unauthenticated users to hijack sessions via sesskey parameter 24 Jun
  • Fix available
  • Severity - 4.2 (Medium)
GHSA-24wv-6c99-f843
  • Packagist/pterodactyl/panel
 Pterodactyl Panel Allows Unauthenticated Arbitrary Remote Code Execution 19 Jun
  • Fix available
  • Severity - 10.0 (Critical)
GHSA-x3c7-22c8-prg7
  • Packagist/handcraftedinthealps/goodby-csv
 handcraftedinthealps/goodby-csv has Potential Gadget Chain allowing Remote Code Execution 13 Jun
  • Fix available
  • Severity - 3.9 (Low)
Load more...