Publish Advisories

GHSA-27c4-766g-945p
GHSA-3g23-vj39-72pv
GHSA-3x22-75pm-vfvc
GHSA-5r24-mpgf-qr5g
GHSA-7wj7-w87x-q3q3
GHSA-84gx-938q-j68m
GHSA-9f59-h5gf-pg3f
GHSA-g3cq-f9xx-gc5g
GHSA-gp82-mmj7-m5w2
GHSA-j4f8-4p6w-v5h6
GHSA-m5v5-2jv8-fp63
GHSA-p592-jgc7-p79g
GHSA-p77x-289r-9c4x
GHSA-p8hm-rwgf-6c7f
GHSA-vm4j-2vcw-g6gc
GHSA-vv3p-2379-7jx3
GHSA-vxf2-8cq4-x49q
GHSA-w77h-76xc-792q
GHSA-x275-mqpf-qfrc
GHSA-xxxg-x793-7fq3

Author: advisory-database[bot]

advisories/unreviewed/2026/04/GHSA-27c4-766g-945p/GHSA-27c4-766g-945p.json

@@ -0,0 +1,52 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-27c4-766g-945p",
+  "modified": "2026-04-12T15:30:26Z",
+  "published": "2026-04-12T15:30:26Z",
+  "aliases": [
+    "CVE-2019-25703"
+  ],
+  "details": "ImpressCMS 1.3.11 contains a time-based blind SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'bid' parameter. Attackers can send POST requests to the admin.php endpoint with malicious 'bid' values containing SQL commands to extract sensitive database information.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25703"
+    },
+    {
+      "type": "WEB",
+      "url": "https://sourceforge.net/projects/impresscms/files/v1.3.11/impresscms_1.3.11.zip"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.exploit-db.com/exploits/46239"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.vulncheck.com/advisories/impresscms-sql-injection-via-bid-parameter"
+    },
+    {
+      "type": "WEB",
+      "url": "http://www.impresscms.org"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-89"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-12T13:16:33Z"
+  }
+}

advisories/unreviewed/2026/04/GHSA-3g23-vj39-72pv/GHSA-3g23-vj39-72pv.json

@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-3g23-vj39-72pv",
+  "modified": "2026-04-12T15:30:27Z",
+  "published": "2026-04-12T15:30:27Z",
+  "aliases": [
+    "CVE-2019-25708"
+  ],
+  "details": "Heatmiser Wifi Thermostat 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials by tricking authenticated users into submitting malicious requests. Attackers can craft HTML forms targeting the networkSetup.htm endpoint with parameters usnm, usps, and cfps to modify the admin username and password without user consent.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25708"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.exploit-db.com/exploits/46100"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.vulncheck.com/advisories/heatmiser-wifi-thermostat-cross-site-request-forgery"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-352"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-12T13:16:33Z"
+  }
+}

advisories/unreviewed/2026/04/GHSA-3x22-75pm-vfvc/GHSA-3x22-75pm-vfvc.json

@@ -0,0 +1,48 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-3x22-75pm-vfvc",
+  "modified": "2026-04-12T15:30:25Z",
+  "published": "2026-04-12T15:30:25Z",
+  "aliases": [
+    "CVE-2019-25689"
+  ],
+  "details": "HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized key code string. Attackers can craft a malicious payload exceeding 997 bytes and paste it into the KEY CODE field in the Help Register dialog to trigger code execution and spawn a calculator process.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25689"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.exploit-db.com/exploits/46279"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.vulncheck.com/advisories/html5-video-player-local-buffer-overflow-non-seh"
+    },
+    {
+      "type": "WEB",
+      "url": "http://www.html5videoplayer.net/download.html"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-787"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-12T13:16:31Z"
+  }
+}

advisories/unreviewed/2026/04/GHSA-5r24-mpgf-qr5g/GHSA-5r24-mpgf-qr5g.json

@@ -0,0 +1,52 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-5r24-mpgf-qr5g",
+  "modified": "2026-04-12T15:30:26Z",
+  "published": "2026-04-12T15:30:26Z",
+  "aliases": [
+    "CVE-2019-25707"
+  ],
+  "details": "eBrigade ERP 4.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to pdf.php with crafted SQL payloads in the 'id' parameter to extract sensitive database information including table names and schema details.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25707"
+    },
+    {
+      "type": "WEB",
+      "url": "https://ebrigade.net"
+    },
+    {
+      "type": "WEB",
+      "url": "https://netcologne.dl.sourceforge.net/project/ebrigade/ebrigade/eBrigade%204.5/ebrigade_4.5.zip"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.exploit-db.com/exploits/46117"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.vulncheck.com/advisories/ebrigade-erp-sql-injection-via-pdf-php"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-89"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-12T13:16:33Z"
+  }
+}

advisories/unreviewed/2026/04/GHSA-7wj7-w87x-q3q3/GHSA-7wj7-w87x-q3q3.json

@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-7wj7-w87x-q3q3",
+  "modified": "2026-04-12T15:30:27Z",
+  "published": "2026-04-12T15:30:27Z",
+  "aliases": [
+    "CVE-2019-25711"
+  ],
+  "details": "SpotFTP Password Recover 2.4.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an oversized buffer in the Name field during registration. Attackers can generate a 256-byte payload, paste it into the Name input field, and trigger a crash when submitting the registration code.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25711"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.exploit-db.com/exploits/46088"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.vulncheck.com/advisories/spotftp-password-recover-denial-of-service-via-name-field"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-807"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-12T13:16:34Z"
+  }
+}

advisories/unreviewed/2026/04/GHSA-84gx-938q-j68m/GHSA-84gx-938q-j68m.json

@@ -0,0 +1,52 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-84gx-938q-j68m",
+  "modified": "2026-04-12T15:30:26Z",
+  "published": "2026-04-12T15:30:26Z",
+  "aliases": [
+    "CVE-2019-25699"
+  ],
+  "details": "Newsbull Haber Script 1.0.0 contains multiple SQL injection vulnerabilities in the search parameter that allow authenticated attackers to extract database information through time-based, blind, and boolean-based injection techniques. Attackers can inject malicious SQL code through the search parameter in endpoints like /admin/comment/records, /admin/category/records, /admin/news/records, and /admin/menu/childs to manipulate database queries and retrieve sensitive data.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25699"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/gurkanuzunca/newsbull"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.exploit-db.com/exploits/46266"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.vulncheck.com/advisories/newsbull-haber-script-authenticated-sql-injection-via-search-parameter"
+    },
+    {
+      "type": "WEB",
+      "url": "http://newsbull.org"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-89"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-12T13:16:32Z"
+  }
+}

advisories/unreviewed/2026/04/GHSA-9f59-h5gf-pg3f/GHSA-9f59-h5gf-pg3f.json

@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-9f59-h5gf-pg3f",
+  "modified": "2026-04-12T15:30:25Z",
+  "published": "2026-04-12T15:30:25Z",
+  "aliases": [
+    "CVE-2018-25257"
+  ],
+  "details": "Adianti Framework 5.5.0 and 5.6.0 contains an SQL injection vulnerability that allows authenticated users to manipulate database queries by injecting SQL code through the name field in SystemProfileForm. Attackers can submit crafted SQL statements in the profile edit endpoint to modify user credentials and gain administrative access.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-25257"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.exploit-db.com/exploits/46217"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.vulncheck.com/advisories/adianti-framework-and-sql-injection-via-profile"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-89"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-12T13:16:31Z"
+  }
+}