GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,614
Composer 5,007
Erlang 39
GitHub Actions 38
Go 2,638
Maven 6,105
npm 4,264
NuGet 760
pip 4,060
Pub 12
RubyGems 956
Rust 1,056
Swift 45

Unreviewed advisories

All unreviewed 277,016

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

15,536 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

PHP Scripts Mall Single Theater Booking has SQL Injection via the admin/movieview.php movieid... High Unreviewed

CVE-2017-17941 was published May 14, 2022

Readymade Job Site Script has SQL Injection via the location_name array parameter to the /job URI. Critical Unreviewed

CVE-2017-17895 was published May 14, 2022

PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id... Critical Unreviewed

CVE-2017-17928 was published May 14, 2022

Eleix Openhacker version 0.1.47 is vulnerable to an SQL injection in the account registration and... Critical Unreviewed

CVE-2017-1000444 was published May 14, 2022

PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter. Critical Unreviewed

CVE-2017-17931 was published May 14, 2022

SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for... Critical Unreviewed

CVE-2018-3811 was published May 14, 2022

SQL injection vulnerability in phpMyBackupPro when run in multi-user mode before 2.5 allows... High Unreviewed

CVE-2015-3637 was published May 14, 2022

SQL injection vulnerability in MyJobList 0.1.3 allows remote attackers to execute arbitrary SQL... High Unreviewed

CVE-2012-1784 was published May 14, 2022

The Zend_Db_Select::order function in Zend Framework before 1.12.7 does not properly handle... Critical Unreviewed

CVE-2014-4914 was published May 14, 2022

xDashboard in OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4... High Unreviewed

CVE-2017-14960 was published May 14, 2022

The Smooth Slider plugin through 2.8.6 for WordPress has SQL Injection via smooth-slider.php ... High Unreviewed

CVE-2018-5373 was published May 14, 2022

An issue was discovered in Skybox Platform before 7.5.201. SQL Injection exists in /skyboxview... Critical Unreviewed

CVE-2015-9249 was published May 14, 2022

The Dbox 3D Slider Lite plugin through 1.2.2 for WordPress has SQL Injection via settings\sliders... High Unreviewed

CVE-2018-5374 was published May 14, 2022

The Testimonial Slider plugin through 1.2.4 for WordPress has SQL Injection via settings\sliders... High Unreviewed

CVE-2018-5372 was published May 14, 2022

The Wachipi WP Events Calendar plugin 1.0 for WordPress has SQL Injection via the event_id... Critical Unreviewed

CVE-2018-5315 was published May 14, 2022

A SQL Injection issue was discovered in WebAccess versions prior to 8.3. WebAccess does not... Critical Unreviewed

CVE-2017-16716 was published May 14, 2022

Multiple SQL injection vulnerabilities in Muviko 1.1 allow remote attackers to execute arbitrary... Critical Unreviewed

CVE-2017-17970 was published May 14, 2022

PHP Melody version 2.7.1 suffer from SQL Injection Time-based attack on the page ajax.php with... Critical Unreviewed

CVE-2018-5211 was published May 14, 2022

Multiple SQL injection vulnerabilities in Gespage before 7.4.9 allow remote attackers to execute... Critical Unreviewed

CVE-2017-7997 was published May 14, 2022

The iJoomla com_adagency plugin 6.0.9 for Joomla! allows SQL injection via the `advertiser_status... Critical Unreviewed

CVE-2018-5696 was published May 14, 2022

Icy Phoenix 2.2.0.105 allows SQL injection via an unapprove request to admin_kb_art.php or the... High Unreviewed

CVE-2018-5697 was published May 14, 2022

IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to SQL injection. A remote... Critical Unreviewed

CVE-2017-1670 was published May 14, 2022

The WpJobBoard plugin 4.4.4 for WordPress allows SQL injection via the order or sort parameter to... High Unreviewed

CVE-2018-5695 was published May 14, 2022

SQL injection vulnerability in NewsBee CMS allow remote attackers to execute arbitrary SQL commands. Critical Unreviewed

CVE-2017-5971 was published May 14, 2022

SQL Injection exists in Wchat Fully Responsive PHP AJAX Chat Script 1.5 via the login.php User... Critical Unreviewed

CVE-2018-5979 was published May 14, 2022

Previous 1…381…400 Next

Previous 1 2 … 379 380 381 382 383 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

15,536 advisories