CVE-2023-3393 Code Injection in fossbilling/fossbilling

Code Injection in GitHub repository fossbilling/fossbilling prior to 0.5.1...

Improper access control

Improper Access Control in GitHub repository admidio/admidio prior to 4.2.9...

Improper access control

Improper Access Control in GitHub repository admidio/admidio prior to 4.2.9...

Input validation

Improper Neutralization of Formula Elements in a CSV File in GitHub repository admidio/admidio prior to 4.2.9...

CVE-2023-3303

Vulnerability CVE-2023-3303 affects admidio/admidio prior to 4.2.9 due to Improper Access Control. Public documents consistently describe an access-control weakness without detailing exploit methods. CVSS data indicate low confidentiality impact with no integrity/availability impact, and network ...

CVE-2023-3303 Improper Access Control in admidio/admidio

Improper Access Control in GitHub repository admidio/admidio prior to 4.2.9...

CVE-2023-3303 Improper Access Control in admidio/admidio

Improper Access Control in GitHub repository admidio/admidio prior to 4.2.9...

CVE-2023-3302 Improper Neutralization of Formula Elements in a CSV File in admidio/admidio

Improper Neutralization of Formula Elements in a CSV File in GitHub repository admidio/admidio prior to 4.2.9...

CVE-2023-3304 Improper Access Control in admidio/admidio

Improper Access Control in GitHub repository admidio/admidio prior to 4.2.9...

Improper Access Control

Improper Access Control in GitHub repository admidio/admidio prior to 4.2.9...

CVE-2023-3302 Improper Neutralization of Formula Elements in a CSV File in admidio/admidio

Improper Neutralization of Formula Elements in a CSV File in GitHub repository admidio/admidio prior to 4.2.9...

CVE-2023-3293

Cross-site Scripting XSS - Stored in GitHub repository salesagility/suitecrm-core prior to 8.3.0...

CVE-2023-3293

Cross-site Scripting XSS - Stored in GitHub repository salesagility/suitecrm-core prior to 8.3.0...

Cross site scripting

Cross-site Scripting XSS - Stored in GitHub repository salesagility/suitecrm-core prior to 8.3.0...

CVE-2023-3291 Heap-based Buffer Overflow in gpac/gpac

Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2...

CVE-2023-3294 Cross-site Scripting (XSS) - DOM in saleor/react-storefront

Cross-site Scripting XSS - DOM in GitHub repository saleor/react-storefront prior to c29aab226f07ca980cc19787dcef101e11b83ef7...

Authorization

Missing Authorization in GitHub repository fossbilling/fossbilling prior to 0.5.0...

CVE-2023-3230 Missing Authorization in fossbilling/fossbilling

Missing Authorization in GitHub repository fossbilling/fossbilling prior to 0.5.0...

CVE-2023-3228

CVE-2023-3228 concerns fossbilling/fossbilling prior to 0.5.0 and is evidenced by a risk described in connected Huntr documentation: a business logic flaw where an attacker can modify the product ID during order processing to bypass the main product requirement and directly purchase an addon. Aff...

CVE-2023-3227

CVE-2023-3227 targets fossbilling/fossbilling with insufficient granularity of access control prior to version 0.5.0. Affected component/condition: access-control checks lacking granularity (per multiple sources). Impact is described as insufficient access control, with remediation recommended to...