CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

Github Security Blog•added 2026/05/27 10:51 p.m.•14 views

FUXA's Unauthenticated Project Data Disclosure Exposes Server-Side Scripts and Device Configurations

Summary The GET /api/project endpoint exposes sensitive project configuration data to guest-context requests even when secureEnabled is enabled. Details File: server/api/projects/index.js javascript prjApp.get"/api/project", secureFnc, functionreq, res const permission = checkGroupsFncreq;...

5.9AI score

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by