GHSA-54Q4-74P3-MGCW rttys SQL Injection vulnerability

SQL Injection vulnerability in rttys versions 4.0.0, 4.0.1, and 4.0.2 in api.go, allows attackers to execute arbitrary code...

rttys SQL Injection vulnerability

SQL Injection vulnerability in rttys versions 4.0.0, 4.0.1, and 4.0.2 in api.go, allows attackers to execute arbitrary code...

CVE-2022-38867

SQL Injection vulnerability in rttys versions 4.0.0, 4.0.1, 4.0.2, and 4.4.x in api.go, allows attackers to execute arbitrary code...

CVE-2022-38867

CVE-2022-38867 affects the rttys project. A SQL injection vulnerability exists in api.go across versions 4.0.0, 4.0.1, 4.0.2, and 4.4.x, enabling an attacker to execute arbitrary code. The issue originates from untrusted input handling in the API layer. Reported references include the NVD entry a...

Arbitrary File Delete

github.com/tyktechnologies/tyk is vulnerable to arbitrary file delete. The vulnerability exists through the handleAddOrUpdateApi function in api.go where json files outside of the application can be deleted if the file path is specified in the request...

CVE-2019-14544

routes/api/v1/api.go in Gogs 0.11.86 lacks permission checks for routes: deploy keys, collaborators, and hooks...