7 matches found
CVE-2026-30778
The SkyWalking OAP /debugging/config/dump endpoint may leak sensitive configuration information of MySQL/PostgreSQL. This issue affects Apache SkyWalking: from 9.7.0 through 10.3.0. Users are recommended to upgrade to version 10.4.0, which fixes the issue...
@openinc/parse-server-opendash (>=4.0.0 <=4.0.11) potentially affected by CVE-2026-39381 via parse-server (>=9.6.0-alpha.37 <=9.7.0)
parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.11 Source cves: CVE-2026-39381 Source advisory: SNYK:JS-PARSESERVER-15928862...
CVE-2026-34373
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.66 and 9.7.0-alpha.10, the GraphQL API endpoint does not respect the allowOrigin server option and unconditionally allows cross-origin requests from any website. This...
Shilpi Client Dashboard 安全漏洞
Shilpi Client Dashboard is a centralized dashboard from Shilpi. A security vulnerability exists in Shilpi Client Dashboard versions prior to 9.7.0, which stems from the mishandling of multiple parameters in the API endpoint, resulting in unauthorized access to sensitive information of other users...
Shilpi Client Dashboard 安全漏洞
Shilpi Client Dashboard is a centralized dashboard from Shilpi. A security vulnerability exists in Shilpi Client Dashboard versions prior to 9.7.0 that stems from a lack of authorization to modify and cancel requests via certain API endpoints, which could result in unauthorized modification of...
Shilpi Client Dashboard 安全漏洞
Shilpi Client Dashboard is a centralized dashboard from Shilpi. A security vulnerability exists in Shilpi Client Dashboard versions prior to 9.7.0, which stems from an insufficient authentication mechanism implemented in the login module that allows an attacker to gain full access to the other...
PT-2024-32713 · Unknown · Shilpi Client Dashboard
Name of the Vulnerable Software and Affected Versions: Shilpi Client Dashboard versions prior to 9.7.0 Description: This issue exists due to a lack of rate limiting and Captcha protection for OTP requests in certain API endpoints. An unauthenticated remote attacker could exploit this by sending...