5 matches found
WordPress Simple Bike Rental plugin <= 1.0.6 - Missing Authorization to Authenticated (Subscriber+) Sensitive Booking Data Exposure vulnerability
Missing Authorization to Authenticated Subscriber+ Sensitive Booking Data Exposure vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Simple Bike Rental versions = 1.0.6...
EUVD-2025-25128
Malicious code in bioql PyPI...
EUVD-2025-25129
Malicious code in bioql PyPI...
CVE-2025-55282
aiven-db-migrate is an Aiven database migration tool. Prior to 1.0.7, there is a privilege escalation vulnerability that allows a user to elevate to superuser inside PostgreSQL databases during a migration from an untrusted source server. By exploiting a lack of searchpath restriction, an attacke...
CVE-2022-31196 Server-Side Request Forgery (SSRF) vulnerability in Databasir
Databasir is a database metadata management platform. Databasir = 1.06 has Server-Side Request Forgery SSRF vulnerability. The SSRF is triggered by a sending a single HTTP POST request to create a databaseType. By supplying a jdbcDriverFileUrl that returns a non 200 response code, the url is...