Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

171 advisories

Loading
October CMS safe mode bypass using Page template injection Moderate
CVE-2023-44381 was published for october/system (Composer) Nov 29, 2023
whatev3n
Statamic CMS vulnerable to remote code execution via form uploads High
CVE-2023-48217 was published for statamic/cms (Composer) Nov 14, 2023
ahinkle
Moodle Code Injection vulnerability Moderate
CVE-2023-5550 was published for moodle/moodle (Composer) Nov 9, 2023
Moodle Code Injection vulnerability High
CVE-2023-5540 was published for moodle/moodle (Composer) Nov 9, 2023
Subrion remote command execution vulnerability High
CVE-2023-46947 was published for intelliants/subrion (Composer) Nov 3, 2023
LibreNMS Code Injection vulnerability Moderate
CVE-2023-4977 was published for librenms/librenms (Composer) Sep 15, 2023
teampass vulnerable to code injection High
CVE-2023-2591 was published for nilsteampassnet/teampass (Composer) May 9, 2023
Remote Code Execution Vulnerability in Validation Placeholders in CodeIgniter4 Critical
CVE-2023-32692 was published for codeigniter4/framework (Composer) May 22, 2023
TeamPass Code Injection vulnerability Critical
CVE-2023-3551 was published for nilsteampassnet/teampass (Composer) Jul 8, 2023
Moodle Code Injection vulnerability Moderate
CVE-2023-5539 was published for moodle/moodle (Composer) Nov 9, 2023
baserCMS Code Injection Vulnerability in Mail Form Feature Moderate
CVE-2023-43792 was published for baserproject/basercms (Composer) Oct 26, 2023
Command injection in pagekit High
CVE-2023-41005 was published for pagekit/pagekit (Composer) Aug 29, 2023
Economizzer host header injection vulnerability High
CVE-2023-38877 was published for gugoan/economizzer (Composer) Sep 28, 2023
Code injection in nilsteampassnet/teampass High
CVE-2023-2859 was published for nilsteampassnet/teampass (Composer) May 24, 2023
Grav Server Side Template Injection (SSTI) vulnerability Critical
CVE-2023-34251 was published for getgrav/grav (Composer) Jun 16, 2023
scgajge12
Cachet vulnerable to Authenticated Remote Code Execution Critical
CVE-2023-43661 was published for cachethq/cachet (Composer) Oct 16, 2023
rive-n
Grav Server-side Template Injection (SSTI) via Twig Default Filters High
CVE-2023-34252 was published for getgrav/grav (Composer) Jun 16, 2023
jacobsoo
Grav Server-side Template Injection (SSTI) via Denylist Bypass Vulnerability High
CVE-2023-34253 was published for getgrav/grav (Composer) Jun 16, 2023
jacobsoo
PHPMailer vulnerable to email header injection High
CVE-2012-0796 was published for phpmailer/phpmailer (Composer) Oct 6, 2022
nterchange Code Injection vulnerability Critical
CVE-2015-10009 was published for nonfiction/nterchange (Composer) Jan 2, 2023
PrestaShop PHP Object Injection High
CVE-2018-20717 was published for prestashop/prestashop (Composer) May 14, 2022
SEOmatic plugin for Craft CMS SSTI Vulnerability High
CVE-2018-14716 was published for nystudio107/craft-seomatic (Composer) May 13, 2022
Craft CMS Remote Code Injection Critical
CVE-2021-27903 was published for craftcms/cms (Composer) Jul 2, 2021
Centreon RCE Vulnerability Critical
CVE-2018-11587 was published for centreon/centreon (Composer) May 14, 2022
phpMyAdmin Remote Code Execution High
CVE-2013-3239 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
ProTip! Advisories are also available from the GraphQL API