Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
CVE-2025-68951
phpMyFAQ has Stored XSS in user list via admin-managed display_name
CVE-2024-42718
Croogo CMS has a path traversal vulnerability
CVE-2025-51511
Cadmium CMS has a background arbitrary file upload vulnerability
CVE-2025-68614
LibreNMS Alert Rule API Cross-Site Scripting Vulnerability
CVE-2025-14761
AWS SDK for PHP's S3 Encryption Client has a Key Commitment Issue
Auth0 WordPress has Improper Audience Validation via Auth0-PHP SDK Dependency
Auth0 Symfony SDK has Improper Audience Validation via Auth0-PHP SDK
Auth0 Laravel SDK has Improper Audience Validation via Auth0-PHP SDK dependency
CVE-2025-68129
Auth0-PHP SDK has Improper Audience Validation
CVE-2025-67165
Pagekit CMS has an Insecure Direct Object Reference (IDOR) in its User Role component
CVE-2025-67164
Pagekit CMS is vulnerable to OS Command Injection via Storage component
CVE-2025-68113
ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay
CVE-2025-66844
Grav may be vulnerable to SSRF attack via Twig Templates
CVE-2025-66843
Grav is vulnerable to Stored XSS through authenticated user-edited content
CVE-2025-65854
MineAdmin has an insecure default password
CVE-2024-58303
FoF Pretty Mail has a server-side template injection vulnerability
CVE-2025-67737
AzuraCast Vulnerable to Pre-Auth File Deletion & Admin RCE
CVE-2025-67719
Ibexa User Bundle is missing password change validation
CVE-2025-67648
Shopware Storefront Reflected XSS in Storefront Login Page
SAML PHP Toolkit Vulnerability on xmlseclibs CVE-2025-66475
Showing 1 - 20 of 1,000+ results