Improper Authorization

github.com/1Panel-dev/1Panel/ is vulnerable to Improper Authorization. The vulnerability is due to insufficient access controls, allowing attackers to exploit the application to gain unauthorized access to the console page...

BIT-SUITECRM-2023-6124 Server-Side Request Forgery (SSRF) in salesagility/suitecrm

Server-Side Request Forgery SSRF in GitHub repository salesagility/suitecrm prior to 7.14.2, 8.4.2, 7.12.14...

BIT-SUITECRM-2023-6126 Code Injection in salesagility/suitecrm

Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2...

BIT-SUITECRM-2023-6128 Cross-site Scripting (XSS) - Reflected in salesagility/suitecrm

Cross-site Scripting XSS - Reflected in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2...

BIT-PUBLIFY-2022-0524

Business Logic Errors in GitHub repository publify/publify prior to 9.2.7...

BIT-PUBLIFY-2022-0578

Code Injection in GitHub repository publify/publify prior to 9.2.8...

BIT-PUBLIFY-2022-1812

Integer Overflow or Wraparound in GitHub repository publify/publify prior to 9.2.10...

BIT-PUBLIFY-2023-0299

Improper Input Validation in GitHub repository publify/publify prior to 9.2.10...

BIT-MLFLOW-2023-1176 Absolute Path Traversal in mlflow/mlflow

Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.2.2...

BIT-MLFLOW-2023-3765 Absolute Path Traversal in mlflow/mlflow

Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0...

BIT-MASTODON-2022-0432 Prototype Pollution in mastodon/mastodon

Prototype Pollution in GitHub repository mastodon/mastodon prior to 3.5.0...

BIT-MLFLOW-2023-6753 Path Traversal in mlflow/mlflow

Path Traversal in GitHub repository mlflow/mlflow prior to 2.9.2...

BIT-MLFLOW-2023-6909 Path Traversal: '\..\filename' in mlflow/mlflow

Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2...

BIT-MONGOOSE-2022-2564 Prototype Pollution in automattic/mongoose

Prototype Pollution in GitHub repository automattic/mongoose prior to 6.4.6...

BIT-MONGOOSE-2023-3696 Prototype Pollution in automattic/mongoose

Prototype Pollution in GitHub repository automattic/mongoose prior to 7.3.4...

BIT-LIVEHELPERCHAT-2022-0935

Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior to 3.97...

BIT-LIVEHELPERCHAT-2022-1235

Weak secrethash can be brute-forced in GitHub repository livehelperchat/livehelperchat prior to 3.96...

BIT-LIVEHELPERCHAT-2022-1530

Cross-site Scripting XSS in GitHub repository livehelperchat/livehelperchat prior to 3.99v. The attacker can execute malicious JavaScript on the application...

BIT-GITEA-2022-0905 Missing Authorization in go-gitea/gitea

Missing Authorization in GitHub repository go-gitea/gitea prior to 1.16.4...

BIT-GITEA-2022-1058 Open Redirect on login in go-gitea/gitea

Open Redirect on login in GitHub repository go-gitea/gitea prior to 1.16.5...