Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-r9xj-mvqf-jm7w
  • Packagist/bagisto/bagisto
 bagisto has Cross Site Scripting (XSS) in Create New Customer 23 hours ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-fg89-g389-p346
  • Packagist/bagisto/bagisto
 bagisto has a Cross Site Scripting (XSS) vulnerability in TinyMCE Image Upload (SVG) 23 hours ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-67px-r26w-598x
  • Packagist/bagisto/bagisto
 bagisto has Cross Site Scripting (XSS) issue in TinyMCE Image Upload (HTML) yesterday
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-86rg-8hc8-v82p
  • Packagist/librenms/librenms
 LibreNMS is vulnerable to Reflected-XSS in `report_this` function 3 days ago
  • Fix available
  • Severity - 5.5 (Medium)
GHSA-29mf-w486-v3vc
  • Packagist/bagisto/bagisto
 Bagisto is vulnerable to XSS through Admin Panel's product creation path 6 days ago
  • Fix available
  • Severity - 8.3 (High)
GHSA-rpjr-pcmr-9ppw
  • Packagist/alt-design/alt-redirect
 Alt Redirect: Potential Authentication Bypass by Spoofing through query-string stripping logic flaw 10 Oct
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-64mv-9655-37hx
  • Packagist/drupal-pattern-lab/unified-twig-extensions
 drupal-pattern-lab/unified-twig-extensions is vulnerable to XXS 10 Oct
  • No fix available
  • Severity - 1.9 (Low)
GHSA-q769-phqg-263r
  • Packagist/webreinvent/vaahcms
 VaahCMS is vulnerable to XSS through its Avatar Upload endpoint 08 Oct
  • No fix available
  • Severity - 6.1 (Medium)
GHSA-chw4-gjvw-3gxc
  • Packagist/melisplatform/melis-cms-slider
 Melis Platform CMS Unauthenticated File Upload Leading to RCE 08 Oct
  • Fix available
  • Severity - 9.3 (Critical)
GHSA-mrmx-jfw8-qhgv
  • Packagist/melisplatform/melis-cms
 Melis Platform CMS SQL Injection 08 Oct
  • Fix available
  • Severity - 9.3 (Critical)
GHSA-p3vc-g9f9-mgw4
  • Packagist/melisplatform/melis-core
 Melis Platform CMS Unauthenticated Admin Account Creation 08 Oct
  • Fix available
  • Severity - 9.3 (Critical)
GHSA-xgr2-5837-hf48
  • Packagist/novosga/novosga
 NovoSGA: Manipulation of User Creation Page can lead to weak password requirements 06 Oct
  • No fix available
  • Severity - 2.9 (Low)
GHSA-9wj2-4hcm-r74j
  • Packagist/thorsten/phpmyfaq
 phpMyFAQ duplicate email registration allows multiple accounts with the same email 03 Oct
  • Fix available
  • Severity - 8.1 (High)
GHSA-27hj-48r9-x2vx
  • Packagist/dolibarr/dolibarr
 Dolibarr vulnerable to RCE via the computed field parameter 01 Oct
  • Fix available
  • Severity - 8.8 (High)
GHSA-7jp2-5h22-m432
  • Packagist/auth0/symfony
 Auth0 Symfony SDK Does Not Properly Handle File Types in Bulk User Import 01 Oct
  • Fix available
  • Severity - 3.3 (Low)
GHSA-hjfh-5jmm-xr24
  • Packagist/auth0/login
 laravel-auth0 SDK Does Not Properly Handle File Types in Bulk User Import 01 Oct
  • Fix available
  • Severity - 3.3 (Low)
Load more...