GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,638
Composer 5,007
Erlang 39
GitHub Actions 38
Go 2,645
Maven 6,108
npm 4,271
NuGet 760
pip 4,065
Pub 12
RubyGems 957
Rust 1,057
Swift 45

Unreviewed advisories

All unreviewed 277,136

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

4,243 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An issue was discovered in zzcms 8.3. SQL Injection exists in ajax/zs.php via a pxzs cookie. Critical Unreviewed

CVE-2018-18786 was published May 14, 2022

OwnTicket 2018-05-23 allows SQL Injection via the showTicketId or editTicketStatusId parameter. Critical Unreviewed

CVE-2018-18527 was published May 14, 2022

A SQL Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9... Critical Unreviewed

CVE-2018-17446 was published May 14, 2022

PhpTpoint Pharmacy Management System suffers from a SQL injection vulnerability in the index.php... Critical Unreviewed

CVE-2018-18704 was published May 14, 2022

spider.admincp.php in iCMS v7.0.11 allows SQL injection via admincp.php?app=spider&do=import_rule... Critical Unreviewed

CVE-2018-18702 was published May 14, 2022

PhpTpoint hospital management system suffers from multiple SQL injection vulnerabilities via the... Critical Unreviewed

CVE-2018-18705 was published May 14, 2022

ThinkPHP SQLi Vulnerability Critical

CVE-2018-18546 was published for topthink/framework (Composer) May 14, 2022

Multiple SQL injection vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18... Critical Unreviewed

CVE-2015-4633 was published May 14, 2022

admin/check.asp in DKCMS 9.4 allows SQL Injection via an ASPSESSIONID cookie to admin/admin.asp. Critical Unreviewed

CVE-2018-18832 was published May 14, 2022

S-CMS PHP 1.0 has SQL injection in member/member_news.php via the type parameter (aka the $N_type... Critical Unreviewed

CVE-2018-18887 was published May 14, 2022

DedeCMS 5.7 SP2 has SQL Injection via the dede\co_do.php ids parameter. Critical Unreviewed

CVE-2018-19061 was published May 14, 2022

SQL injection vulnerability in SAP Business Intelligence platform before January 2017 allows... Critical Unreviewed

CVE-2016-6818 was published May 14, 2022

An issue was discovered in LAOBANCMS 2.0. It allows SQL Injection via the admin/login.php... Critical Unreviewed

CVE-2018-19221 was published May 14, 2022

Busca.aspx.cs in Degrau Publicidade e Internet Plataforma de E-commerce allows SQL Injection via... Critical Unreviewed

CVE-2018-18963 was published May 14, 2022

School Equipment Monitoring System 1.0 allows SQL injection via the login screen, related to... Critical Unreviewed

CVE-2018-18806 was published May 14, 2022

Curriculum Evaluation System 1.0 allows SQL Injection via the login screen, related to frmCourse... Critical Unreviewed

CVE-2018-18803 was published May 14, 2022

Bakeshop Inventory System 1.0 has SQL injection via the login screen, related to include... Critical Unreviewed

CVE-2018-18804 was published May 14, 2022

School Event Management System 1.0 has SQL Injection via the student/index.php or event/index.php... Critical Unreviewed

CVE-2018-18795 was published May 14, 2022

Library Management System 1.0 has SQL Injection via the "Search for Books" screen. Critical Unreviewed

CVE-2018-18796 was published May 14, 2022

SaltOS 3.1 r8126 allows action=ajax&query=numbers&page=usuarios&action2=[SQL] SQL Injection. Critical Unreviewed

CVE-2018-18763 was published May 14, 2022

The BSEN Ordering software 1.0 has SQL Injection via student/index.php?view=view&id=[SQL] or... Critical Unreviewed

CVE-2018-18801 was published May 14, 2022

ProjectSend (formerly cFTP) r582 allows SQL injection via manage-files.php with the request... Critical Unreviewed

CVE-2016-10731 was published May 14, 2022

Grapixel New Media v2.0 allows SQL Injection via the pages.aspx pageref parameter. Critical Unreviewed

CVE-2018-18822 was published May 14, 2022

CuppaCMS before 2018-11-12 has SQL Injection in administrator/classes/ajax/functions.php via the... Critical Unreviewed

CVE-2018-19559 was published May 14, 2022

An issue was discovered in arcms through 2018-03-19. No authentication is required for index/main... Critical Unreviewed

CVE-2018-19557 was published May 14, 2022

Previous 1…143…170 Next

Previous 1 2 … 141 142 143 144 145 … 169 170 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

4,243 advisories