Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/10/22 12:11 a.m.12 views

CVE-2025-60427

LibreTime 3.0.0-alpha.10 and possibly earlier is vulnerable to Broken Access Control, where a user with the DJ role can access analytics data via the Web UI and direct API calls. The backend does not verify role-based permissions for analytics endpoints, allowing unauthorized retrieval of...

6.5CVSS6.3AI score0.00378EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/21 12:0 a.m.2 views

CVE-2025-60427

LibreTime 3.0.0-alpha.10 and possibly earlier is vulnerable to Broken Access Control, where a user with the DJ role can access analytics data via the Web UI and direct API calls. The backend does not verify role-based permissions for analytics endpoints, allowing unauthorized retrieval of...

5.9AI score0.00378EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/21 12:0 a.m.9 views

CVE-2025-60427

LibreTime 3.0.0-alpha.10 and possibly earlier is vulnerable to Broken Access Control, where a user with the DJ role can access analytics data via the Web UI and direct API calls. The backend does not verify role-based permissions for analytics endpoints, allowing unauthorized retrieval of...

0.00378EPSS
Exploits0References3
OSV
OSV
added 2024/03/21 2:52 a.m.4 views

CVE-2024-2712

A vulnerability, which was classified as critical, has been found in Campcodes Complete Online DJ Booking System 1.0. This issue affects some unknown processing of the file /admin/user-search.php. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated...

6.5CVSS5.7AI score0.00601EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/03/21 12:0 a.m.5 views

Campcodes Complete Online DJ Booking System SQL注入漏洞

Campcodes Complete Online DJ Booking System is an online DJ booking system from Campcodes, Inc. A SQL injection vulnerability exists in version 1.0 of the Campcodes Complete Online DJ Booking System, which originates from a SQL injection vulnerability in the searchdata parameter of the...

6.5CVSS7AI score0.00601EPSS
Exploits1References4
OSV
OSV
added 2024/03/20 8:15 p.m.4 views

CVE-2024-2715

A vulnerability was found in Campcodes Complete Online DJ Booking System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/user-search.php. The manipulation of the argument searchdata leads to cross site scripting. The attack may be launche...

6.1CVSS3.8AI score
Exploits0References3
CNNVD
CNNVD
added 2024/03/20 12:0 a.m.3 views

Campcodes Complete Online DJ Booking System Cross-Site Scripting Vulnerability

Campcodes Complete Online DJ Booking System is an online DJ booking system from Campcodes, Inc. A cross-site scripting vulnerability exists in version 1.0 of the Campcodes Complete Online DJ Booking System, which stems from a cross-site scripting vulnerability in the adminname parameter of the...

6.1CVSS6.2AI score0.00506EPSS
Exploits1References4
Rows per page
Query Builder