Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

4,182 advisories

Loading
FS Trademe Clone 1.0 has SQL Injection via the search_item.php search parameter or the... Critical Unreviewed
CVE-2017-17577 was published May 13, 2022
FS Makemytrip Clone 1.0 has SQL Injection via the show-flight-result.php fl_orig or fl_dest... Critical Unreviewed
CVE-2017-17584 was published May 13, 2022
FS Grubhub Clone 1.0 has SQL Injection via the /food keywords parameter. Critical Unreviewed
CVE-2017-17582 was published May 13, 2022
FS Amazon Clone 1.0 has SQL Injection via the PATH_INFO to /VerAyari. Critical Unreviewed
CVE-2017-17572 was published May 13, 2022
Foodspotting Clone Script 1.0 has SQL Injection via the quicksearch.php q parameter. Critical Unreviewed
CVE-2017-17617 was published May 14, 2022
Kickstarter Clone Script 2.0 has SQL Injection via the investcalc.php projid parameter. Critical Unreviewed
CVE-2017-17618 was published May 14, 2022
Freelance Website Script 2.0.6 has SQL Injection via the jobdetails.php pr_id parameter or the... Critical Unreviewed
CVE-2017-17613 was published May 14, 2022
Doctor Search Script 1.0 has SQL Injection via the /list city parameter. Critical Unreviewed
CVE-2017-17611 was published May 14, 2022
CMS Auditor Website 1.0 has SQL Injection via the PATH_INFO to /news-detail. Critical Unreviewed
CVE-2017-17607 was published May 14, 2022
E-commerce MLM Software 1.0 has SQL Injection via the service_detail.php pid parameter,... Critical Unreviewed
CVE-2017-17610 was published May 14, 2022
Entrepreneur Bus Booking Script 3.0.4 has SQL Injection via the booker_details.php sourcebus... Critical Unreviewed
CVE-2017-17604 was published May 14, 2022
Event Search Script 1.0 has SQL Injection via the /event-list city parameter. Critical Unreviewed
CVE-2017-17616 was published May 14, 2022
Hot Scripts Clone 3.1 has SQL Injection via the /categories subctid or mctid parameter. Critical Unreviewed
CVE-2017-17612 was published May 14, 2022
PHP Multivendor Ecommerce 1.0 has SQL Injection via the single_detail.php sid parameter, or the... Critical Unreviewed
CVE-2017-17624 was published May 14, 2022
MLM Forex Market Plan Script 2.0.4 has SQL Injection via the news_detail.php newid parameter or... Critical Unreviewed
CVE-2017-17635 was published May 14, 2022
Multivendor Penny Auction Clone Script 1.0 has SQL Injection via the PATH_INFO to the /detail URI. Critical Unreviewed
CVE-2017-17621 was published May 14, 2022
Opensource Classified Ads Script 3.2 has SQL Injection via the advance_result.php keyword parameter. Critical Unreviewed
CVE-2017-17623 was published May 14, 2022
Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val parameter. Critical Unreviewed
CVE-2017-17637 was published May 14, 2022
Secure E-commerce Script 2.0.1 has SQL Injection via the category.php searchmain or searchcat... Critical Unreviewed
CVE-2017-17629 was published May 14, 2022
Multiplex Movie Theater Booking Script 3.1.5 has SQL Injection via the trailer-detail.php moid... Critical Unreviewed
CVE-2017-17633 was published May 14, 2022
Online Exam Test Application Script 1.6 has SQL Injection via the exams.php sort parameter. Critical Unreviewed
CVE-2017-17622 was published May 14, 2022
Readymade PHP Classified Script 3.3 has SQL Injection via the /categories subctid or mctid... Critical Unreviewed
CVE-2017-17626 was published May 14, 2022
Laundry Booking Script 1.0 has SQL Injection via the /list city parameter. Critical Unreviewed
CVE-2017-17619 was published May 14, 2022
Advanced World Database 2.0.5 has SQL Injection via the city.php country or state parameter, or... Critical Unreviewed
CVE-2017-17640 was published May 14, 2022
Groupon Clone Script 3.01 has SQL Injection via the city_ajax.php state_id parameter. Critical Unreviewed
CVE-2017-17638 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database