Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

94 advisories

Loading
Cross-Site Request Forgery in Elefant CMS High
CVE-2017-20062 was published for elefant/cms (Composer) Jun 21, 2022
CSRF issue on preview pages in Bolt CMS High
CVE-2020-4040 was published for bolt/bolt (Composer) Jun 9, 2020
staz0t
Concrete CMS vulnerable to Cross-site Request Forgery High
CVE-2022-43693 was published for concrete5/concrete5 (Composer) Nov 14, 2022
Malfunction of CSRF token validation in Shopware High
CVE-2022-24879 was published for shopware/shopware (Composer) Apr 28, 2022
CakePHP might allow remote attackers to bypass CSRF protection mechanism via the _method parameter High
CVE-2015-8379 was published for cakephp/cakephp (Composer) May 14, 2022
ravage84
CakePHP allows method override parameters to bypass CSRF checks High
CVE-2020-35239 was published for cakephp/cakephp (Composer) May 24, 2022
ravage84
Observable Timing Discrepancy in OpenMage LTS High
CVE-2020-15151 was published for openmage/magento-lts (Composer) Aug 19, 2020
Flyingmana theroch
Cross-Site Request Forgery in ForkCMS High
CVE-2020-23960 was published for forkcms/forkcms (Composer) May 6, 2021
Cross-Site Request Forgery in forkcms High
CVE-2020-23264 was published for forkcms/forkcms (Composer) Jun 22, 2021
Cross-Site Request Forgery in GilaCMS High
CVE-2020-20693 was published for gilacms/gila (Composer) Sep 30, 2021
showdoc is vulnerable to Cross-Site Request Forgery (CSRF) High
CVE-2021-4017 was published for showdoc/showdoc (Composer) Dec 3, 2021
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) High
CVE-2021-4131 was published for remdex/livehelperchat (Composer) Jan 5, 2022
Cross-Site Request Forgery in yetiforce High
CVE-2022-0269 was published for yetiforce/yetiforce-crm (Composer) Jan 27, 2022
Cross Site Request Forgery in concrete5/concrete5 High
CVE-2021-22954 was published for concrete5/concrete5 (Composer) Feb 11, 2022
Cross Site Request Forgery in intelliants/subrion High
CVE-2020-18326 was published for intelliants/subrion (Composer) Mar 5, 2022
Froxlor Cross-Site Request Forgery vulnerability High
CVE-2023-1033 was published for froxlor/froxlor (Composer) Feb 25, 2023
snipe-it is vulnerable to Cross-Site Request Forgery (CSRF) High
CVE-2021-4130 was published for snipe/snipe-it (Composer) Jan 5, 2022
Zenario CMS vulnerable to CSRF High
CVE-2018-18420 was published for tribalsystems/zenario (Composer) May 14, 2022
CSRF in baserCMS 3.0.10 and earlier High
CVE-2016-4879 was published for baserproject/basercms (Composer) May 13, 2022
CSRF in baserCMS 3.0.10 and earlier High
CVE-2016-4881 was published for baserproject/basercms (Composer) May 17, 2022
baserCMS Cross Site Request Forgery vulnerability High
CVE-2016-4878 was published for baserproject/basercms (Composer) May 17, 2022
Moodle contains CSRF vulnerability High
CVE-2021-43559 was published for moodle/moodle (Composer) May 24, 2022
Dolibarr Cross-Site Request Forgery Vulnerability High
CVE-2020-11825 was published for dolibarr/dolibarr (Composer) May 24, 2022
phpMyAdmin CSRF Vulnerability High
CVE-2018-19969 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
Pimcore CSRF Vulnerability High
CVE-2018-14057 was published for pimcore/pimcore (Composer) May 14, 2022
ProTip! Advisories are also available from the GraphQL API