Vulnerability Database

  • Total number of vulnerabilities in the DB: 315,050
With exploit

Composer icon laravel / framework

Title Severity Exploit Date Affected Version
CVE-2020-24941 High Sep 4, 2020 < 6.18.35
>= 7.0.0 < 7.24.0
CVE-2018-6330 Medium Mar 28, 2019 == 5.4.15

Composer icon silverstripe / framework

Title Severity Exploit Date Affected Version
silverstripe/framework SQL injection in full text search High May 27, 2024 >= 3.5.0-rc1 < 3.5.6
>= 3.6.0-rc1 < 3.6.3
>= 4.0.0-rc1 < 4.0.1
silverstripe/framework users inadvertently passing sensitive data to LoginAttempt Medium May 27, 2024 >= 3.5.0-rc1 < 3.5.6
>= 3.6.0-rc1 < 3.6.3
>= 4.0.0-rc1 < 4.0.1
silverstripe/framework CSV Excel Macro Injection High May 27, 2024 >= 3.5.0-rc1 < 3.5.6
>= 3.6.0-rc1 < 3.6.3
>= 4.0.0-rc1 < 4.0.1
silverstripe/framework vulnerable to user enumeration via timing attack on login and password reset forms High May 27, 2024 >= 3.5.0-rc1 < 3.5.5
>= 3.6.0-rc1 < 3.6.2
silverstripe/framework's User-Agent header not correctly invalidating user session High May 27, 2024 >= 3.5.0-rc1 < 3.5.6
>= 3.6.0-rc1 < 3.6.3
silverstripe/framework has Cross-site Scripting vulnerability in page history comparison Medium May 27, 2024 >= 3.4.0-rc1 < 3.4.6
>= 3.5.0-rc1 < 3.5.4
silverstripe/framework has Cross-site Scripting vulnerability in RedirectorPage Medium May 27, 2024 >= 3.4.0-rc1 < 3.4.6
>= 3.5.0-rc1 < 3.5.4
silverstripe/framework has Cross-site Scripting vulnerability in CMSSecurity BackURL Medium May 27, 2024 >= 3.1.0-rc1 < 3.1.21
>= 3.2.0-rc1 < 3.2.6
>= 3.3.0-rc1 < 3.3.4
>= 3.4.0-rc1 < 3.4.2
silverstripe/framework has Cross-site Scripting vulnerability in page name Medium May 27, 2024 >= 3.4.0-rc1 < 3.4.4
>= 3.5.0-rc1 < 3.5.2
silverstripe/framework member disclosure in login form Medium May 27, 2024 >= 3.4.0-rc1 < 3.4.6
>= 3.5.0-rc1 < 3.5.4