5 matches found
Improper Neutralization of Special Elements in Data Query Logic
Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the FilterExpressionConverter implementations. An attacker can alter underlying vector store queries by supplying crafted filter expressions, as keys and values are not...
Cross-site Request Forgery (CSRF)
Overview rwsdk is a Build fast, server-driven webapps on Cloudflare with SSR, RSC, and realtime Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the server function dispatch process. An attacker can cause unauthorized state-changing operations by tricking a...
GHSA-PRMX-7V35-7Q82 a11y-mcp: Server-Side Request Forgery (SSRF) vulnerability in A11yServer function
A vulnerability was found in priyankark a11y-mcp up to 1.0.5. This vulnerability affects the function A11yServer of the file src/index.js. The manipulation results in server-side request forgery. The attack must be initiated from a local position. The exploit has been made public and could be use...
CVE-2017-20155
A vulnerability was found in Sterc Google Analytics Dashboard for MODX up to 1.0.5. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file core/components/analyticsdashboardwidget/elements/tpl/widget.analytics.tpl of the component Internal...
PT-2022-8020 · Modx · Sterc Google Analytics Dashboard For Modx
Name of the Vulnerable Software and Affected Versions: Sterc Google Analytics Dashboard for MODX versions up to 1.0.5 Description: A vulnerability was found in the Sterc Google Analytics Dashboard for MODX, affecting an unknown functionality of the file...