GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,638
Maven: 5,000+
npm: 4,264
NuGet: 760
pip: 4,060
Pub: 12
RubyGems: 956
Rust: 1,056
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
4,241 advisories
Professional Service Script 1.0 has SQL Injection via the service-list city parameter.
Critical | Unreviewed | CVE-2017-17625 was published May 13, 2022
SQL Injection exists in Task Rabbit Clone 1.0 via the single_blog.php id parameter.
Critical | Unreviewed | CVE-2018-6363 was published May 13, 2022
Horus CMS allows SQL Injection, as demonstrated by a request to the /busca or /home URI.
Critical | Unreviewed | CVE-2018-17410 was published May 13, 2022
Exponent CMS 2.4.1 and earlier has SQL injection via a base64 serialized API key (apikey...
Critical | Unreviewed | CVE-2017-7991 was published May 13, 2022
PHP remote file inclusion vulnerability in public/patch/patch.php in Project Pier 0.8.8 and...
Critical | Unreviewed | CVE-2018-10759 was published May 13, 2022
SaltOS 3.1 r8126 allows action=login&querystring=&user=[SQL] SQL Injection.
Critical | Unreviewed | CVE-2018-18761 was published May 13, 2022
SQL injection vulnerability in rdr.php in nuevoMailer version 6.0 and earlier allows remote...
Critical | Unreviewed | CVE-2017-9730 was published May 13, 2022
SQL Injection exists in the Ek Rishta 2.9 component for Joomla! via the gender, age1, age2,...
Critical | Unreviewed | CVE-2018-7315 was published May 13, 2022
An issue was discovered in DuomiCMS 3.0. SQL injection exists in the ajax.php file, as...
Critical | Unreviewed | CVE-2018-18084 was published May 13, 2022
K-iwi Framework 1775 has SQL Injection via the admin/user/group/update user_group_id parameter or...
Critical | Unreviewed | CVE-2018-18755 was published May 13, 2022
Multiple SQL injection vulnerabilities in account/signup.php and account/signup2.php in...
Critical | Unreviewed | CVE-2017-7410 was published May 13, 2022
ManageEngine Applications Manager versions 12 and 13 before build 13200 suffer from remote SQL...
Critical | Unreviewed | CVE-2016-9488 was published May 13, 2022
In Redgate SQL Monitor before 3.10 and 4.x before 4.2, a remote attacker can gain unauthenticated...
Critical | Unreviewed | CVE-2015-9098 was published May 13, 2022
Responsive Newspaper Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin...
Critical | Unreviewed | CVE-2017-15981 was published May 13, 2022
Same Sex Dating Software Pro 1.0 allows SQL Injection via the viewprofile.php profid parameter,...
Critical | Unreviewed | CVE-2017-15971 was published May 13, 2022
Dynamic News Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin...
Critical | Unreviewed | CVE-2017-15982 was published May 13, 2022
An authentication bypass vulnerability in all versions of ValuePLUS Integrated University...
Critical | Unreviewed | CVE-2019-11196 was published May 13, 2022
SQL injection vulnerability in the Seed Coupon plugin before 1.6 for EC-CUBE allows remote...
Critical | Unreviewed | CVE-2016-4837 was published May 13, 2022
Multiple SQL injection vulnerabilities in the monitoring feature in the HTTP API in ABBYY...
Critical | Unreviewed | CVE-2018-13792 was published May 13, 2022
FS Expedia Clone 1.0 has SQL Injection via the pages.php or content.php id parameter, or the show...
Critical | Unreviewed | CVE-2017-17570 was published May 13, 2022
FS Care Clone 1.0 has SQL Injection via the searchJob.php jobType or jobFrequency parameter.
Critical | Unreviewed | CVE-2017-17574 was published May 13, 2022
FS Amazon Clone 1.0 has SQL Injection via the PATH_INFO to /VerAyari.
Critical | Unreviewed | CVE-2017-17572 was published May 13, 2022
FS Foodpanda Clone 1.0 has SQL Injection via the /food keywords parameter.
Critical | Unreviewed | CVE-2017-17571 was published May 13, 2022
FS Makemytrip Clone 1.0 has SQL Injection via the show-flight-result.php fl_orig or fl_dest...
Critical | Unreviewed | CVE-2017-17584 was published May 13, 2022
FS Shutterstock Clone 1.0 has SQL Injection via the /Category keywords parameter.
Critical | Unreviewed | CVE-2017-17583 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.