Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

71 advisories

Loading
Local File read vulnerability in OctoberCMS Moderate
CVE-2020-5295 was published for october/cms (Composer) Jun 3, 2020
staz0t
Improper file handling in concrete5/core High
CVE-2021-22968 was published for concrete5/core (Composer) Nov 23, 2021
PHP Remote File Inclusion in GitHub repository tsolucio/corebos prior to 8.0. Critical Unreviewed
CVE-2022-4446 was published Dec 13, 2022
PHP Remote File Inclusion in GitHub repository flatpressblog/flatpress prior to 1.3. Critical Unreviewed
CVE-2022-4606 was published Dec 18, 2022
PHP Remote File Inclusion in GitHub repository unilogies/bumsys prior to 2.1.1. High Unreviewed
CVE-2023-2551 was published May 5, 2023
Cockpit PHP Remote File Inclusion vulnerability Critical
CVE-2023-4195 was published for cockpit-hq/cockpit (Composer) Aug 6, 2023
Flarum vulnerable to LFI and Blind SSRF via Avatar upload High
CVE-2023-40033 was published for flarum/core (Composer) Aug 16, 2023
Yii2 allows attackers to execute any local .php file via a relative path in the view parameter Critical
CVE-2015-5467 was published for yiisoft/yii2 (Composer) Sep 21, 2023
FUXA local file inclusion vulnerability High
CVE-2023-31718 was published for fuxa-server (npm) Sep 22, 2023
FUXA vulnerable to Local File Inclusion High
CVE-2023-31716 was published for @frangoteam/fuxa (npm) Sep 22, 2023
ProTip! Advisories are also available from the GraphQL API