Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

3,440 advisories

Loading
An issue was discovered in AKCMS 6.1. CSRF can add an admin account via a /index.php?file=account... High Unreviewed
CVE-2018-12582 was published May 14, 2022
WSTMall v1.9.1_170316 has CSRF via the index.php?m=Admin&c=Users&a=edit URI to add a user account. High Unreviewed
CVE-2018-13010 was published May 14, 2022
In BEESCMS 4.0, CSRF allows administrators to be added arbitrarily, a related issue to CVE-2018... High Unreviewed
CVE-2018-12739 was published May 14, 2022
A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily. High Unreviewed
CVE-2018-12602 was published May 14, 2022
Cross-site request forgery (CSRF) vulnerability in admin.php in LFCMS 3.7.0 allows remote... High Unreviewed
CVE-2018-12603 was published May 14, 2022
Gleez CMS 1.2.0 has CSRF, as demonstrated by a /page/add request. High Unreviewed
CVE-2018-13340 was published May 14, 2022
An issue was discovered in SeaCMS 6.61. There is a CSRF vulnerability that can add a user account... High Unreviewed
CVE-2018-13445 was published May 14, 2022
An issue was discovered in SeaCMS 6.61. There is a CSRF vulnerability that can add an admin... High Unreviewed
CVE-2018-13444 was published May 14, 2022
Metronet Tag Manager version 1.2.7 contains a Cross ite Request Forgery (CSRF) vulnerability in... High Unreviewed
CVE-2018-1000506 was published May 14, 2022
Cross-site request forgery (CSRF) vulnerability in the administrative console in Dialogic... High Unreviewed
CVE-2018-11636 was published May 14, 2022
ECESSA ShieldLink SL175EHQ 10.7.4 devices have CSRF to add superuser accounts via the cgi-bin... High Unreviewed
CVE-2018-13032 was published May 14, 2022
OpenCart Cross-Site Request Forgery (CSRF) High
CVE-2018-13067 was published for opencart/opencart (Composer) May 14, 2022
CSRF exists for all actions in the web interface on TP-Link TL-WR841N v13 00000001 0.9.1 4.16... High Unreviewed
CVE-2018-12574 was published May 14, 2022
An issue was discovered on Intex N150 devices. The router firmware suffers from multiple CSRF... High Unreviewed
CVE-2018-12529 was published May 14, 2022
The administration panel of Jirafeau before 3.4.1 is vulnerable to three CSRF attacks on search... High Unreviewed
CVE-2018-11349 was published May 14, 2022
In waimai Super Cms 20150505, there is a CSRF vulnerability that can add an admin account via... High Unreviewed
CVE-2018-14014 was published May 14, 2022
Grundig Smart Inter@ctive TV 3.0 devices allow CSRF attacks via a POST request to TCP port 8085... High Unreviewed
CVE-2018-13989 was published May 14, 2022
CSRF vulnerability in admin/user/edit in Creatiwity wityCMS 0.6.2 allows an attacker to take over... High Unreviewed
CVE-2018-14029 was published May 14, 2022
Multiple Cross Site Request Forgery (CSRF) vulnerabilities in the HTTP API in ABBYY FlexiCapture... High Unreviewed
CVE-2018-13793 was published May 14, 2022
An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add an admin... High Unreviewed
CVE-2018-14068 was published May 14, 2022
An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add a user... High Unreviewed
CVE-2018-14069 was published May 14, 2022
MetInfo 6.0.0 allows a CSRF attack to add a user account via a doaddsave action to admin/index... High Unreviewed
CVE-2018-14420 was published May 14, 2022
SeaCMS v6.61 allows Remote Code execution by placing PHP code in a movie picture address (aka v&... High Unreviewed
CVE-2018-14421 was published May 14, 2022
An issue was discovered in XiaoCms X1 v20140305. There is a CSRF vulnerability to change the... High Unreviewed
CVE-2018-14331 was published May 14, 2022
xyhai.php?s=/Auth/addUser in XYHCMS 3.5 allows CSRF to add a background administrator account. High Unreviewed
CVE-2018-14583 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database