Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,243 advisories

Loading
SQL Injection exists in the Collection Factory 4.1.9 component for Joomla! via the filter_order... Critical Unreviewed
CVE-2018-17383 was published May 14, 2022
SQL Injection exists in the Article Factory Manager 4.3.9 component for Joomla! via the... Critical Unreviewed
CVE-2018-17380 was published May 14, 2022
SQL Injection exists in the Jobs Factory 2.0.4 component for Joomla! via the filter_letter... Critical Unreviewed
CVE-2018-17382 was published May 14, 2022
SQL Injection in login.php in Naviwebs Navigate CMS 2.8 allows remote attackers to bypass... Critical Unreviewed
CVE-2018-17552 was published May 14, 2022
ThinkPHP SQL injection vulnerability Critical
CVE-2018-17566 was published for topthink/framework (Composer) May 14, 2022
youke365 v1.1.5 has SQL injection via admin/login.html, as demonstrated by username=admin&pass... Critical Unreviewed
CVE-2018-18242 was published May 14, 2022
An issue was discovered in MRCMS (aka mushroom) through 3.1.2. The WebParam.java file directly... Critical Unreviewed
CVE-2018-17796 was published May 14, 2022
In REDAXO before 5.6.3, a critical SQL injection vulnerability has been discovered in the... Critical Unreviewed
CVE-2018-17831 was published May 14, 2022
SWA SWA.JACAD 3.1.37 Build 024 has SQL Injection via the /academico/aluno/esqueci-minha-senha/... Critical Unreviewed
CVE-2018-17575 was published May 14, 2022
CMS ISWEB 3.5.3 is vulnerable to multiple SQL injection flaws. An attacker can inject malicious... Critical Unreviewed
CVE-2018-14956 was published May 14, 2022
There is a SQL injection in Benutzerverwaltung in REDAXO before 5.6.4. Critical Unreviewed
CVE-2018-18200 was published May 14, 2022
An issue was discovered in OPAC EasyWeb Five 5.7. There is SQL injection via the w2001/index.php... Critical Unreviewed
CVE-2018-17428 was published May 14, 2022
WikidForum 2.20 has SQL Injection via the rpc.php parent_post_id or num_records parameter, or the... Critical Unreviewed
CVE-2018-18075 was published May 14, 2022
A SQL injection was discovered in WUZHI CMS 4.1.0 in coreframe/app/coupon/admin/card.php via the... Critical Unreviewed
CVE-2018-17852 was published May 14, 2022
In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, SQL Injection exists via the ids[]... Critical Unreviewed
CVE-2018-18488 was published May 14, 2022
An issue was discovered in PHPSHE 1.7. SQL injection exists via the admin.php?mod=user&act=del... Critical Unreviewed
CVE-2018-18486 was published May 14, 2022
s-cms 3.0 allows SQL Injection via the member/post.php 0_id parameter or the POST data to member... Critical Unreviewed
CVE-2018-18427 was published May 14, 2022
Global Search in Zoho ManageEngine OpManager before 12.3 123205 allows SQL Injection. Critical Unreviewed
CVE-2018-17243 was published May 14, 2022
ThinkPHP SQLi Vulnerability Critical
CVE-2018-18530 was published for topthink/framework (Composer) May 14, 2022
ThinkPHP SQLi Vulnerability Critical
CVE-2018-18529 was published for topthink/framework (Composer) May 14, 2022
An issue was discovered in zzcms 8.3. SQL Injection exists in zs/zs_list.php via a pxzs cookie. Critical Unreviewed
CVE-2018-18792 was published May 14, 2022
An issue was discovered in zzcms 8.3. SQL Injection exists in zs/zs.php via a pxzs cookie. Critical Unreviewed
CVE-2018-18787 was published May 14, 2022
An issue was discovered in zzcms 8.3. SQL Injection exists in zs/search.php via a pxzs cookie. Critical Unreviewed
CVE-2018-18791 was published May 14, 2022
An issue was discovered in zzcms 8.3. SQL Injection exists in zt/top.php via a Host HTTP header... Critical Unreviewed
CVE-2018-18789 was published May 14, 2022
An issue was discovered in zzcms 8.3. SQL Injection exists in zs/subzs.php with a zzcmscpid... Critical Unreviewed
CVE-2018-18785 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database