CVE-2023-28104

silverstripe/graphql serves Silverstripe data as GraphQL representations. In versions 4.2.2 and 4.1.1, an attacker could use a specially crafted graphql query to execute a denial of service attack against a website which has a publicly exposed graphql endpoint. This mostly affects websites with...

CVE-2022-28104

Foxit PDF Editor v11.3.1 was discovered to contain an arbitrary file upload vulnerability...

CVE-2025-28104

Incorrect access control in laskBlog v2.6.1 allows attackers to access all usernames via a crafted input...

CVE-2025-28104

Incorrect access control in laskBlog v2.6.1 allows attackers to access all usernames via a crafted input...

CVE-2025-28104

Incorrect access control in laskBlog v2.6.1 allows attackers to access all usernames via a crafted input...

CVE-2025-28104

Incorrect access control in laskBlog v2.6.1 allows attackers to access all usernames via a crafted input...

CVE-2025-28104

Incorrect access control in laskBlog v2.6.1 allows attackers to access all usernames via a crafted input...

CVE-2023-28104 silverstripe/graphql Denial of Service vulnerability

silverstripe/graphql serves Silverstripe data as GraphQL representations. In versions 4.2.2 and 4.1.1, an attacker could use a specially crafted graphql query to execute a denial of service attack against a website which has a publicly exposed graphql endpoint. This mostly affects websites with...

CVE-2023-28104

CVE-2023-28104 affects silverstripe/graphql. In versions 4.2.2 and 4.1.1, a specially crafted GraphQL query could cause a denial-of-service against websites with publicly exposed GraphQL endpoints, especially those with large/complex schemas. Impact is denial of service affecting availability; re...

CVE-2023-28104 silverstripe/graphql Denial of Service vulnerability

silverstripe/graphql serves Silverstripe data as GraphQL representations. In versions 4.2.2 and 4.1.1, an attacker could use a specially crafted graphql query to execute a denial of service attack against a website which has a publicly exposed graphql endpoint. This mostly affects websites with...

CVE-2023-28104 DDOS attack on graphql endpoints

More info at https://www.silverstripe.org/download/security-releases/CVE-2023-28104...

CVE-2022-28104

creationtimestamp| type| source ---|---|--- 2022-05-20 16:30:40+00:00| seen| https://t.me/cibsecurity/43033...

CVE-2022-28104

Foxit PDF Editor 11.3.1 is affected by an arbitrary file upload vulnerability. Based on CVE-2022-28104 details, the issue has a high to critical impact (CVSS 3.1: 9.8) with network access, no authentication, and full confidentiality, integrity, and availability impact as reported. The available d...