Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

15,521 advisories

Loading
An issue was discovered in zzcms 8.3. SQL Injection exists in admin/special_add.php via a... High Unreviewed
CVE-2018-18790 was published May 14, 2022
An issue was discovered in zzcms 8.3. SQL Injection exists in zt/top.php via a Host HTTP header... Critical Unreviewed
CVE-2018-18789 was published May 14, 2022
Zoho ManageEngine OpManager before 12.3 Build 123196 does not require authentication for ... High Unreviewed
CVE-2018-17283 was published May 14, 2022
PhpTpoint Pharmacy Management System suffers from a SQL injection vulnerability in the index.php... Critical Unreviewed
CVE-2018-18704 was published May 14, 2022
A vulnerability was found in Huaxia ERP 2.3 and classified as critical. Affected by this issue is... Moderate Unreviewed
CVE-2022-3825 was published Nov 2, 2022
A10 ACOS Web Application Firewall (WAF) 2.7.1 and 2.7.2 before 2.7.2-P12, 4.1.0 before 4.1.0-P11,... Critical Unreviewed
CVE-2018-15904 was published May 14, 2022
An issue was discovered in zzcms 8.3. SQL Injection exists in zs/subzs.php with a zzcmscpid... Critical Unreviewed
CVE-2018-18785 was published May 14, 2022
Multiple SQL injection vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18... Critical Unreviewed
CVE-2015-4633 was published May 14, 2022
spider.admincp.php in iCMS v7.0.11 allows SQL injection via admincp.php?app=spider&do=import_rule... Critical Unreviewed
CVE-2018-18702 was published May 14, 2022
A SQL Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9... Critical Unreviewed
CVE-2018-17446 was published May 14, 2022
An issue was discovered in zzcms 8.3. SQL Injection exists in admin/tagmanage.php via the... High Unreviewed
CVE-2018-18784 was published May 14, 2022
School Equipment Monitoring System 1.0 allows SQL injection via the login screen, related to... Critical Unreviewed
CVE-2018-18806 was published May 14, 2022
OwnTicket 2018-05-23 allows SQL Injection via the showTicketId or editTicketStatusId parameter. Critical Unreviewed
CVE-2018-18527 was published May 14, 2022
An issue was discovered in S-CMS v1.5. There is a SQL injection vulnerability in search.php via... High Unreviewed
CVE-2018-19331 was published May 14, 2022
SQL Injection exists in the Article Factory Manager 4.3.9 component for Joomla! via the... Critical Unreviewed
CVE-2018-17380 was published May 14, 2022
Interspire Email Marketer through 6.1.6 has SQL Injection via a deleteblock blockid[] request to... High Unreviewed
CVE-2018-19552 was published May 14, 2022
SQL injection vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) 6.2.x, 6.3.x before... High Unreviewed
CVE-2014-8367 was published May 14, 2022
An issue was discovered in the Manufacturing component in webERP 4.15. CollectiveWorkOrderCost... High Unreviewed
CVE-2018-19436 was published May 14, 2022
An issue was discovered in the Sales component in webERP 4.15. SalesInquiry.php has SQL Injection... High Unreviewed
CVE-2018-19435 was published May 14, 2022
SQL Injection exists in the Timetable Schedule 3.6.8 component for Joomla! via the eid parameter. Critical Unreviewed
CVE-2018-17394 was published May 14, 2022
SQL Injection exists in the Music Collection 3.0.3 component for Joomla! via the id parameter. Critical Unreviewed
CVE-2018-17375 was published May 14, 2022
An issue was discovered in arcms through 2018-03-19. SQL injection exists via the json/newslist... Critical Unreviewed
CVE-2018-19558 was published May 14, 2022
DedeCMS 5.7 SP2 has SQL Injection via the dede\co_do.php ids parameter. Critical Unreviewed
CVE-2018-19061 was published May 14, 2022
ThinkCMF X2.2.2 has SQL Injection via the function delete() in SlideController.class.php and is... High Unreviewed
CVE-2018-19896 was published May 14, 2022
SearchController.php in PbootCMS 1.2.1 has SQL injection via the index.php/Search/index.html... Critical Unreviewed
CVE-2018-19893 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database