10 matches found
Open eClass 安全漏洞
Open eClass is an open-source e-classroom system developed by the Greek Universities Network. Versions of Open eClass prior to 4.2 contained security vulnerabilities. These vulnerabilities were caused by business logic flaws, which could allow authenticated students to mark themselves as attendin...
CVE-2025-3426
The CVE-2025-3426 entry describes lack of reverse engineering protections in Philips IntelliSpace Portal binaries, enabling discovery of hardcoded credentials. Affected products are IntelliSpace Portal 12 and earlier and Advanced Visualization Workspace 15. Technical details from connected source...
Improper Handling Of Case Sensitivity
social-auth-app-django is vulnerable to Improper Handling Of Case Sensitivity. The vulnerability is due to default case-insensitive collation in MySQL or MariaDB databases. This vulnerability could cause different IDs to match, resulting in Business Logic Flaws...
Business Logic Flaws
GitLab is vulnerable to Business Logic Flaws. The vulnerability exists under specific conditions, which allows an unauthorised project members to delete a protected branches...
Business Logic Flaws
phpmyfaq is vulnerable to Business Logic Flaws. The vulnerability exists in record.add.php due to improper user permission checks which allows an authenticated attacker with edit-only permissions to add and delete categories or add FAQs...
Why is Robust API Security Crucial in eCommerce?
API attacks are on the rise. One of their major targets is eCommerce firms like yours. APIs are a vital part of how eCommerce businesses are accelerating their growth in the digital world. ECommerce platforms use APIs at all customer touchpoints, from displaying products to handling shipping. Owi...
Business Logic Flaws
OpenZeppelin Contracts has business logic flaws. The vulnerability exists due to a lack of sanitization between cross chains allowing contracts using Arbitrum L2, CrossChainEnabledArbitrumL2 or LibArbitrumL2 to be classified as direct interactions of externally owned accounts EOAs even though the...
YetiForceCrm 输入验证错误漏洞
YetiForceCrm is an open source crm system from the Polish company YetiForce. Yetiforcecrm suffers from a processing logic error vulnerability, which stems from Yetiforcecrm being vulnerable to business logic errors. No detailed vulnerability details are currently available...
Business Logic Flaws
qt5-qtwebengine is vulnerable to business logic flaws. The vulnerability exists due to an inappropriate implementation flaw was found in the navigation component of the Chromium browser...
Multiple vulnerabilities in coremail mailbox system
Coremail mail system is a commercial hyperscale operational-grade mail system. There are reflective cross-site scripting and business logic design vulnerabilities in coremail mail system, which can be exploited by attackers to obtain sensitive information from websites and operate across business...