Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
go2ismail Free-CRM Security API improper authorization
go2ismail Asp.Net-Core-Inventory-Order-Management-System Security API improper authorization
The Events Calendar <= 6.15.16 - Improper Authorization to Authenticated (Contributor+) Event/Organizer/Venue Update/Trash via REST API
OpenEMR Portal Users Can Forge Provider Signatures
feiyuchuixue sz-boot-parent API Endpoint sys-message authorization
AliasVault App Backup aliasvault.xml backup
funadmin Configuration Ajax.php setConfig improper authorization
feng_ha_ha/megagao ssm-erp/production_ssm EmployeeController.java improper authorization
detronetdip E-commerce Product Management Update authorization
Org.keycloak/keycloak-services: keycloak: missing check on disabled client for docker registry protocol
IDonate 2.1.5 - 2.1.9 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via idonate_donor_profile Function
CoCoTeaNet CyreneAdmin System Info Endpoint getCount improper authorization
GoogTech sms-ssm API LoginInterceptor.java preHandle improper authorization
AutoGPT Affected by Remote Code Execution via Dynamic Module Import in Block Loading (__import__)
Klaw has an improper authorisation check on /resetMemoryCache
Improper authorization in the Intel(R) Quick Assist Technology for some Intel(R) Platforms within Ring 0: Kernel may allow a denial of service
FUXA Unauthenticated Remote Code Execution via Admin JWT Minting
PolarLearn allows Unauthenticated WebSocket access allows subscribing to and posting in arbitrary group chats
PlaciPy Code Execution Allowed Without Assessment Active State Validation
WuKongOpenSource WukongCRM URL PermissionServiceImpl.java improper authorization
Showing 1 - 20 of 1,000+ results