2 matches found
EUVD-2026-28463
The VerySecureApp made by DIVD using Mendix Studio Pro 11.8.0 Beta allows unintended data exposure due to authorization misconfiguration. The VerySecureApp allows anonymous users of the MyFirstModule with the anonymous user role to gain access to all stored records, even though no access rights a...
CVE-2024-1601
CVE-2024-1601 affects parisneo/lollms-webui; an SQL injection exists in delete_discussion() exploitable via a crafted POST to /delete_discussion with a malicious id parameter, allowing deletion of all records in the discussion and message tables. Impact is data loss; reports indicate this can be ...