33 matches found
Insecure Default Initialization of Resource
Overview phpmyfaq/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Insecure Default Initialization of Resource via the hasValidToken function. An attacker can gain unauthorized access to create and modify FAQ entries,...
Insecure Default Initialization of Resource
Overview thorsten/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Insecure Default Initialization of Resource via the hasValidToken function. An attacker can gain unauthorized access to create and modify FAQ entries,...
Improper Check for Unusual or Exceptional Conditions
Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions through improper handling of missing user identifiers in the RemoveAmfSubscriptionsInfoProcedure process. An attacker can cause the application to panic and return a 500 Internal Serv...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection via the processFuzzySearch function. An attacker can access and extract the entire database contents by supplying crafted input to the column parameter in the HTTP API, which is directly interpolated into raw SQL statement...
Privilege Escalation
@cubejs-backend/server-core is vulnerable to Privilege Escalation. The vulnerability is due to improper authorization validation of specially crafted requests using a valid API token, which allows an attacker to escalate privileges beyond their intended access level...
Cube Core is vulnerable to privilege escalation via a specially crafted request
Impact It is possible to make a specially crafted request with a valid API token that leads to privilege escalation. Affected Versions: ≥= 0.27.19 Mitigation: Upgrade to a patched version: - 1.5.13 and later regular release - 1.4.2 active LTS release - 1.0.14 end-of-life LTS release References Th...
GHSA-V226-32C7-X2V7 Cube Core is vulnerable to privilege escalation via a specially crafted request
Impact It is possible to make a specially crafted request with a valid API token that leads to privilege escalation. Affected Versions: ≥= 0.27.19 Mitigation: Upgrade to a patched version: - 1.5.13 and later regular release - 1.4.2 active LTS release - 1.0.14 end-of-life LTS release References Th...
Improper Handling of Case Sensitivity
Overview github.com/filebrowser/filebrowser/v2/http is a web file browser. Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity due to improper handling of case sensitivity in the userPutHandler function. An attacker can gain unauthorized access to user accoun...
CVE-2026-25958 Cube privilege escalation via a specially crafted request
Cube is a semantic layer for building data applications. From 0.27.19 to before 1.5.13, 1.4.2, and 1.0.14, it is possible to make a specially crafted request with a valid API token that leads to privilege escalation. This vulnerability is fixed in 1.5.13, 1.4.2, and 1.0.14...
CVE-2026-25958 Cube privilege escalation via a specially crafted request
Cube is a semantic layer for building data applications. From 0.27.19 to before 1.5.13, 1.4.2, and 1.0.14, it is possible to make a specially crafted request with a valid API token that leads to privilege escalation. This vulnerability is fixed in 1.5.13, 1.4.2, and 1.0.14...
CVE-2026-25958
Cube (semantic layer) versions 0.27.19 up to before 1.5.13, 1.4.2, and 1.0.14 are vulnerable to privilege escalation via a specially crafted request with a valid API token. The issue is fixed in 1.5.13, 1.4.2, and 1.0.14. CVSS v3.1 base score 7.7 (HIGH) with attack vector Network, attack complexi...
PT-2026-7194
Name of the Vulnerable Software and Affected Versions Cube versions 0.27.19 through 1.5.12 Cube version 1.0.14 Cube version 1.4.2 Description Cube, a semantic layer for building data applications, is affected by a privilege escalation issue. A specially crafted request, using a valid API token, c...
PT-2025-50839
The WatchTowerHQ plugin for WordPress is vulnerable to arbitrary file read via the 'wht download big object origin' parameter in all versions up to, and including, 3.15.0. This is due to insufficient path validation in the handle big object download request function. This makes it possible for...
CVE-2025-63563
Summer Pearl Group Vacation Rental Management Platform prior to v1.0.2 does not properly invalidate active user sessions after a password change. This allows an attacker with a valid session token to maintain access to the account even after the legitimate user changes their password...
EUVD-2022-6991
Malicious code in bioql PyPI...
CVE-2023-1136
In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an unauthenticated attacker could generate a valid token, which would lead to authentication bypass...
CVE-2022-41541
TP-Link AX10v1 V1211117 allows attackers to execute a replay attack by using a previously transmitted encrypted authentication message and valid authentication token. Attackers are able to login to the web application as an admin user...
CVE-2023-48392 Kaifa Technology WebITR - Hard-coded Cryptographic Key
Kaifa Technology WebITR is an online attendance system, it has a vulnerability in using hard-coded encryption key. An unauthenticated remote attacker can generate valid token parameter and exploit this vulnerability to access system with arbitrary user account, including administrator’s account, ...
SUSE CVE-2018-1086
pcs before versions 0.9.164 and 0.10 is vulnerable to a debug parameter removal bypass. REST interface of the pcsd service did not properly remove the pcs debug argument from the /runpcs query, possibly disclosing sensitive information. A remote attacker with a valid token could use this flaw to...
Authentication flaw
Jenkins Tuleap Authentication Plugin 1.1.20 and earlier uses a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token...