Lucene search
K

6 matches found

Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.8 views

PT-2026-36159

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, the endpoint POST /user/invited does not validate any invite token, authentication header, or session. Any unauthenticated attacker can call this endpoi...

6.5CVSS5.4AI score0.00243EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/30 12:0 a.m.6 views

PT-2025-44426

Name of the Vulnerable Software and Affected Versions mCarFix Motorists App version 2.3 Description The mCarFix Motorists App has improper access control issues. An attacker can bypass verification to create accounts and, by manipulating sequential numeric IDs, gain unauthorized access to user da...

7.5CVSS6.8AI score0.00286EPSS
Exploits0References4
OSV
OSV
added 2024/12/19 7:15 p.m.6 views

CVE-2024-49765 Bypass of Discourse Connect using other login paths if enabled in Discourse

Discourse is an open source platform for community discussion. Sites that are using discourse connect but still have local logins enabled could allow attackers to bypass discourse connect to create accounts and login. This problem is patched in the latest version of Discourse. Users unable to...

5.3CVSS6.4AI score0.00351EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/06/29 12:0 a.m.3 views

PT-2023-10306 · Jetbrains · Teamcity

Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions 8 through 9.0.1 JetBrains TeamCity version 9.0.2 is not affected, so only versions prior to 9.0.2 are considered vulnerable. Description: The issue allows bypass of account-creation restrictions via a crafted...

6.5CVSS6.4AI score0.00615EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/06/29 12:0 a.m.5 views

JetBrains TeamCity 安全漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides features such as continuous unit testing, code quality analysis and build problem analysis reports. A security vulnerability exists in JetBrains TeamCit...

6.5CVSS6.5AI score0.00615EPSS
Exploits1References3
FreeBSD
FreeBSD
added 2012/08/27 12:0 a.m.96 views

mediawiki -- multiple vulnerabilities

Mediawiki reports: Bug 39700 Wikipedia administrator Writ Keeper discovered a stored XSS HTML injection vulnerability. This was possible due to the handling of link text on File: links for nonexistent files. MediaWiki 1.16 and later is affected. Bug 39180 User Fomafix reported several DOM-based X...

6.5CVSS6.2AI score0.01562EPSS
Exploits2References6
Rows per page
Query Builder