Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,458
Erlang
33
GitHub Actions
22
Go
2,156
Maven
5,000+
npm
3,818
NuGet
693
pip
3,497
Pub
12
RubyGems
903
Rust
903
Swift
38
Unreviewed advisories
All unreviewed
5,000+

13,428 advisories

Loading
SQL injection vulnerability in interface/forms/eye_mag/php/Anything_simple.php from library/forms... High Unreviewed
CVE-2018-15149 was published May 14, 2022
SQL injection vulnerability in interface/de_identification_forms/de_identification_screen2.php in... High Unreviewed
CVE-2018-15150 was published May 14, 2022
SQL injection vulnerability in interface/forms_admin/forms_admin.php from library/registry.inc in... High Unreviewed
CVE-2018-15147 was published May 14, 2022
SQL injection vulnerability in interface/de_identification_forms/find_code_popup.php in versions... High Unreviewed
CVE-2018-15151 was published May 14, 2022
Pimcore SQLi Vulnerability Moderate
CVE-2018-14058 was published for pimcore/pimcore (Composer) May 14, 2022
zzcms version 8.3 and earlier contains a SQL Injection vulnerability in zt/top.php line 5 that... Critical Unreviewed
CVE-2018-1000653 was published May 14, 2022
LibreHealthIO lh-ehr version REL-2.0.0 contains a SQL Injection vulnerability in Show Groups... High Unreviewed
CVE-2018-1000650 was published May 14, 2022
SQL injection vulnerability in the Jpad (com_jpad) 1.0 component for Joomla! allows remote... High Unreviewed
CVE-2008-4715 was published May 14, 2022
The tree list functionality in the photo gallery application in ASUSTOR ADM 3.1.0.RFQ3 has a SQL... Critical Unreviewed
CVE-2018-11511 was published May 14, 2022
The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL Injection via the template_id... Critical Unreviewed
CVE-2018-16159 was published May 14, 2022
Zend Framework Allows SQL Injection Critical
CVE-2016-4861 was published for zendframework/zendframework (Composer) May 14, 2022
Zend Framework Allows SQL Injection Critical
CVE-2016-6233 was published for zendframework/zendframework (Composer) May 14, 2022
A SQL injection was discovered in /coreframe/app/admin/pay/admin/index.php in WUZHI CMS 4.1.0 via... Critical Unreviewed
CVE-2018-15894 was published May 14, 2022
A SQL injection was discovered in /coreframe/app/admin/copyfrom.php in WUZHI CMS 4.1.0 via the... Critical Unreviewed
CVE-2018-15893 was published May 14, 2022
phpkaiyuancms PhpOpenSourceCMS (POSCMS) V3.2.0 allows an unauthenticated user to execute... Critical Unreviewed
CVE-2018-16278 was published May 14, 2022
An issue was discovered in SeaCMS through 6.61. SQL injection exists via the tid parameter in an... Critical Unreviewed
CVE-2018-16445 was published May 14, 2022
BlueCMS 1.6 allows SQL Injection via the user_name parameter to uploads/user.php?act=index_login. Critical Unreviewed
CVE-2018-16432 was published May 14, 2022
An issue was discovered in FHCRM through 2018-02-11. There is a SQL injection via the index.php... Critical Unreviewed
CVE-2018-16354 was published May 14, 2022
An issue was discovered in FHCRM through 2018-02-11. There is a SQL injection via the /index.php... Critical Unreviewed
CVE-2018-16353 was published May 14, 2022
Vanilla before 2.6.1 allows SQL injection via an invitationID array to /profile/deleteInvitation,... Moderate Unreviewed
CVE-2018-16410 was published May 14, 2022
An issue is discovered in baijiacms V4. Blind SQL Injection exists via the order parameter in an... Critical Unreviewed
CVE-2018-16724 was published May 14, 2022
FUEL CMS 1.4.1 allows SQL Injection via the layout, published, or search_term parameter to pages... Critical Unreviewed
CVE-2018-16762 was published May 14, 2022
SQL injection vulnerability in login.asp in Citrix Application Gateway - Broadcast Server (BCS)... High Unreviewed
CVE-2008-5882 was published May 14, 2022
SQL injection vulnerability in CalendarCommon.php in vTiger CRM 5.4.0 and possibly earlier allows... Moderate Unreviewed
CVE-2013-5091 was published May 14, 2022
SQL injection vulnerability in blog.php in the Team Impact TI Blog System mod for PHP-Fusion... High Unreviewed
CVE-2008-5733 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database