3 matches found
CVE-2026-53648
FOSSBilling prior to v0.8.1 stores downloadable product files with a deterministic path md5(), so files with identical names between different products/orders map to the same stored path and can be overwritten by later uploads. This leads to customers/admins downloading the wrong file. Version 0....
PT-2026-4808
Name of the Vulnerable Software and Affected Versions Omada Controllers affected versions not specified Description An IDOR Insecure Direct Object Reference issue exists in Omada Controllers. An attacker with Administrator permissions can manipulate requests and potentially hijack the Owner...
CVE-2021-30361
The Check Point Gaia Portal's GUI Clients allowed authenticated administrators with permission for the GUI Clients settings to inject a command that would run on the Gaia OS...