Known vulnerabilities in web applications

Forum & blogging software

CMS

Modules and components for CMS

CRM systems

Cryptocurrency software

E-Commerce systems

Remote management & hosting panels

JS libraries

Other software

Webmail solutions

Cross-site scripting in DOMPurify17 Mar, 2025
Low Patched

Missing password field masking in Zoom Jenkins Marketplace plugin17 Mar, 2025
Low Patched

Remote code execution in graphql-ruby13 Mar, 2025
High Patched

Multiple vulnerabilities in SAML SSO for Ruby13 Mar, 2025
High Patched

IBM watsonx.data update for AsyncHttpClient (AHC) library12 Mar, 2025
Low Patched

Authenticated PHP file upload in Joomla!11 Mar, 2025
Medium Patched

IBM watsonx.data update for Hibernate Validator11 Mar, 2025
Medium Patched

Improper access control in SAP NetWeaver Enterprise Portal11 Mar, 2025
Medium Patched

IBM watsonx.data update for iq80 Snappy11 Mar, 2025
Medium Patched

SAP Commerce Cloud update for Apache Tomcat11 Mar, 2025
Medium Patched

Cross-site scripting in SAP Commerce11 Mar, 2025
Low Patched

SAP Commerce Cloud and SAP Datahub update for Spring Framework11 Mar, 2025
Medium Patched Public exploit

Missing Authorization in WP Online Contract plugin for WordPress10 Mar, 2025
Medium Not Patched

Stored cross-site scripting in SearchIQ – The Search Solution plugin for WordPress10 Mar, 2025
Low Not Patched

SSRF in Axios07 Mar, 2025
Medium Patched

Stored cross-site scripting in Point Maker plugin for WordPress07 Mar, 2025
Low Not Patched

Cross-site scripting in Razorpay Subscription Button Elementor Plugin for WordPress07 Mar, 2025
Low Not Patched

Improper privilege management in Homey - Booking and Rentals WordPress Theme07 Mar, 2025
High Not Patched

Multiple vulnerabilities in Zimbra Collaboration10 Feb, 2020
High Patched

IBM watsonx.data update for JSch24 Apr, 2016
Medium Patched Public exploit