elefant/cms
composerv2.4.1-stableThe Elefant CMS
License MITpermissive2 versions6 deps
jbroadway/elefant8
/ 100
Health
do not use
elefant/cms has critical vulnerabilities — do not use
Update to >= 1.3.13 to fix known vulnerabilities
- Low health score (8/100)
- 4 high severity vulnerabilities
- 3 critical vulnerabilities
Health breakdown0 – 100
5/25
maintenance
0/20
popularity
0/25
security
3/15
maturity
0/15
community
Vulnerabilities
13
3 critical4 high6 medium
Advisories (13)
| Severity | ID | Summary | Fixed in |
|---|---|---|---|
| medium | CVE-2017-20060 | Cross site scripting in Elefant CMS | 1.3.13 |
| medium | CVE-2017-20058 | Cross site scripting in Elefant CMS | 1.3.13 |
| critical | CVE-2018-16974 | Elefant CMS Code Execution Vulnerability | 2.0.7 |
| high | CVE-2018-16387 | Elefant CMS CSRF Vulnerability | 2.0.5 |
| medium | CVE-2017-20059 | Cross site scripting in Elefant CMS | 1.3.13 |
| high | CVE-2017-20064 | Code injection in Elefant CMS | 1.3.13 |
| medium | CVE-2017-20061 | Cross site scripting in Elefant CMS | 1.3.13 |
| high | CVE-2017-20063 | Unrestricted Upload of File with Dangerous Type in Elefant CMS | 1.3.13 |
| critical | CVE-2018-15601 | Elefant CMS Improper Input Validation | 2.0.4 |
| high | CVE-2017-20062 | Cross-Site Request Forgery in Elefant CMS | 1.3.13 |
| medium | CVE-2012-1296 | Elefant CMS Multiple XSS Vulnerabilities | 1.1.5-Beta |
| critical | CVE-2018-16975 | Elefant CMS PHP Code Execution Vulnerability | 2.0.7 |
| medium | CVE-2017-20057 | Cross site scripting in Elefant CMS | 1.3.13 |
Health History
Dependency Tree
License Audit
Dependencies (6)
API access
Get this data programmatically — free, no authentication.
curl https://depscope.dev/api/check/composer/elefant/cmsLast updated · 2024-10-16T15:56:29+00:00