Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

29 advisories

Loading
phpMyAdmin server-side request forgery (SSRF) High
CVE-2016-6621 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
Browsershot Server-Side Request Forgery (SSRF) via setURL() Function High
CVE-2025-3192 was published for spatie/browsershot (Composer) Apr 4, 2025
PhpSpreadsheet allows absolute path traversal and Server-Side Request Forgery when opening XLSX file High
CVE-2024-45290 was published for phpoffice/phpexcel (Composer) Oct 7, 2024
emilvirkki
Codiad SSRF Vulnerability High
CVE-2020-14044 was published for codiad/codiad (Composer) May 24, 2022
phpBB Server-Side Request Forgery (SSRF) High
CVE-2017-1000419 was published for phpbb/phpbb (Composer) May 14, 2022
phpMyAdmin SSRF in replication High
CVE-2017-1000017 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
Moodle vulnerable to Server Side Request Forgery High
CVE-2023-35133 was published for moodle/moodle (Composer) Jun 22, 2023
Magento 2 Community Edition SSRF vulnerability High
CVE-2019-8156 was published for magento/community-edition (Composer) May 24, 2022
Magento Server-Side Request Forgery (SSRF) High
CVE-2019-8151 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition RCE Vulnerability via SSRF High
CVE-2019-7892 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition Server-Side Request Forgery vulnerability High
CVE-2019-7911 was published for magento/community-edition (Composer) May 24, 2022
elFinder Server Side Request Forgery (SSRF) High
CVE-2019-6257 was published for studio-42/elfinder (Composer) May 13, 2022
Magento 2 Community Edition SSRF vulnerability High
CVE-2019-7923 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition SSRF vulnerability High
CVE-2019-7913 was published for magento/community-edition (Composer) May 24, 2022
Server-Side Request Forgery and Open Redirect in AllTube Download High
CVE-2022-24739 was published for rudloff/alltube (Composer) Mar 9, 2022
Rudloff
FoodCoopShop Server-Side Request Forgery vulnerability High
CVE-2023-46725 was published for foodcoopshop/foodcoopshop (Composer) Nov 2, 2023
asesidaa mrothauer
Flarum vulnerable to LFI and Blind SSRF via Avatar upload High
CVE-2023-40033 was published for flarum/core (Composer) Aug 16, 2023
Moodle SSRF Vulnerability High
CVE-2019-6970 was published for moodle/moodle (Composer) May 14, 2022
Server-Side Request Forgery in snipe/snipe-it High
CVE-2021-4075 was published for snipe/snipe-it (Composer) Dec 10, 2021
Shopware vulnerable to SSRF High
CVE-2020-13970 was published for shopware/platform (Composer) May 24, 2022
SSRF in Kitodo.Presentation High
CVE-2022-24980 was published for kitodo/presentation (Composer) Feb 20, 2022
Appwrite Server-Side Request Forgery vulnerability High
CVE-2023-27159 was published for appwrite/server-ce (Composer) Mar 31, 2023
Moodle vulnerable to Server-Side Request Forgery High
CVE-2021-36396 was published for moodle/moodle (Composer) Mar 6, 2023
Cross-site Scripting in HTML2PDF High
CVE-2021-45394 was published for spipu/html2pdf (Composer) Jan 21, 2022
Server-Side Request Forgery vulnerability in concrete5 High
CVE-2021-22958 was published for concrete5/concrete5 (Composer) Oct 12, 2021
ProTip! Advisories are also available from the GraphQL API