Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,458
Erlang
33
GitHub Actions
22
Go
2,156
Maven
5,000+
npm
3,818
NuGet
693
pip
3,497
Pub
12
RubyGems
903
Rust
903
Swift
38
Unreviewed advisories
All unreviewed
5,000+

13,428 advisories

Loading
SQL injection vulnerability in www/delivery/axmlrpc.php (aka the XML-RPC delivery invocation... High Unreviewed
CVE-2013-7149 was published May 14, 2022
Multiple SQL injection vulnerabilities in Command School Student Management System 1.06.01 allow... High Unreviewed
CVE-2014-1636 was published May 14, 2022
SQL injection vulnerability in libraries/central_columns.lib.php in phpMyAdmin 4.4.x before 4.4... Critical Unreviewed
CVE-2016-5703 was published May 14, 2022
SQL injection vulnerability in OpenVAS Manager before 4.0.6 and 5.x before 5.0.7 allows remote... High Unreviewed
CVE-2014-9220 was published May 14, 2022
SQL injection vulnerability in cacti/host.php in Cacti 0.8.8b and earlier allows remote attackers... High Unreviewed
CVE-2013-5589 was published May 14, 2022
SQL injection vulnerability in ajax/mail_functions.php in the WP Symposium plugin before 14.11... Moderate Unreviewed
CVE-2014-8810 was published May 14, 2022
SQL injection vulnerability in wp-load.php in the BuddyPress plugin 1.5.x before 1.5.5 of... High Unreviewed
CVE-2012-2109 was published May 14, 2022
ThinkPHP SQL Injection vulnerability Critical
CVE-2018-16385 was published for topthink/framework (Composer) May 14, 2022
SQL injection vulnerability in phpMyFAQ before 2.8.13 allows remote authenticated users with... High Unreviewed
CVE-2014-6045 was published May 14, 2022
zzcms 8.3 contains a SQL Injection vulnerability in /user/check.php via a Client-Ip HTTP header. Critical Unreviewed
CVE-2018-17136 was published May 14, 2022
e107_admin/banlist.php in e107 2.1.8 allows SQL injection via the old_ip parameter. Moderate Unreviewed
CVE-2018-16389 was published May 14, 2022
Gxlcms 2.0 before bug fix 20180915 has SQL Injection exploitable by an administrator. High Unreviewed
CVE-2018-16436 was published May 14, 2022
An issue was discovered in Jorani 0.6.5. SQL Injection (error-based) allows a user of the... Moderate Unreviewed
CVE-2018-15918 was published May 14, 2022
UCMS 1.4.6 has SQL injection during installation via the install/index.php mysql_dbname parameter. Critical Unreviewed
CVE-2018-17035 was published May 14, 2022
SeaCMS 6.64 allows SQL Injection via the upload/admin/admin_video.php order parameter. Critical Unreviewed
CVE-2018-16822 was published May 14, 2022
SQL injection vulnerability in the hotpot_delete_selected_attempts function in report.php in the... High Unreviewed
CVE-2008-6124 was published May 14, 2022
A10 ACOS Web Application Firewall (WAF) 2.7.1 and 2.7.2 before 2.7.2-P12, 4.1.0 before 4.1.0-P11,... Critical Unreviewed
CVE-2018-15904 was published May 14, 2022
Simple POS 4.0.24 allows SQL Injection via a products/get_products/ columns[0][search][value]... Critical Unreviewed
CVE-2018-17110 was published May 14, 2022
The CWJoomla CW Article Attachments PRO extension before 2.0.7 and CW Article Attachments FREE... Critical Unreviewed
CVE-2018-14592 was published May 14, 2022
MetInfo 6.1.0 has SQL injection in doexport() in app/system/feedback/admin/feedback_admin.class... Moderate Unreviewed
CVE-2018-17129 was published May 14, 2022
Multiple SQL injection vulnerabilities in the login page in RXTEC RXAdmin UPDATE 06 / 2012 allow... Critical Unreviewed
CVE-2015-8298 was published May 14, 2022
SQL Injection exists in the Penny Auction Factory 2.0.4 component for Joomla! via the... Critical Unreviewed
CVE-2018-17378 was published May 14, 2022
SQL Injection exists in the Music Collection 3.0.3 component for Joomla! via the id parameter. Critical Unreviewed
CVE-2018-17375 was published May 14, 2022
SQL Injection exists in the Swap Factory 2.2.1 component for Joomla! via the filter_order_Dir or... Critical Unreviewed
CVE-2018-17384 was published May 14, 2022
SQL Injection exists in the Reverse Auction Factory 4.3.8 component for Joomla! via the... Critical Unreviewed
CVE-2018-17376 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database