2 matches found
Missing Authorization
Overview praisonai-platform is a Platform layer for PraisonAI — workspace, auth, issues, projects Affected versions of this package are vulnerable to Missing Authorization in the addmember process. An attacker can gain unauthorized owner-level access to any workspace by submitting a crafted POST...
qibosoft Cross-Site Request Forgery Vulnerability
qibosoft is a content management system of China Qibo Software qibosoft Company. A cross-site request forgery vulnerability exists in qibosoft version 7.0. A remote attacker can add a user account using admin/index.php?lfj=member&action=addmember to exploit this vulnerability...