8 matches found
CVE-2026-30959 OneUptime has WhatsApp Resend Verification Authorization Bypass
OneUptime is a solution for monitoring and managing online services. The resend-verification-code endpoint allows any authenticated user to trigger a verification code resend for any UserWhatsApp record by ID. Ownership is not validated unlike the verify endpoint. This affects the...
EUVD-2021-2424
Malware in sbrugna...
GO-2025-3740 Grafana vulnerable to authenticated users bypassing dashboard, folder permissions in github.com/grafana/grafana
Grafana vulnerable to authenticated users bypassing dashboard, folder permissions in github.com/grafana/grafana. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports...
CVE-2025-3768
Improper access control in Tor network blocking feature in Devolutions Server 2025.1.10.0 and earlier allows an authenticated user to bypass the tor blocking feature when the Devolutions hosted endpoint is not reachable...
CVE-2023-23328
A File Upload vulnerability exists in AvantFAX 3.3.7. An authenticated user can bypass PHP file type validation in FileUpload.php by uploading a specially crafted PHP file...
CVE-2021-39203
WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions authenticated users who don't have permission to view private post types/data can bypass restrictions in the block editor under certain conditions. This...
IBM Security Access Manager Privilege License and Access Control Issues Vulnerability (CNVD-2021-53344)
IBM Security Access Manager is a product for information security management applications from IBM, USA. The product enables access management control through integrated devices for web, mobile and cloud computing. IBM Security Access Manager Docker is vulnerable to a privilege permission and...
IBM Security Access Manager 输入验证错误漏洞
IBM Security Access Manager is a product for information security management applications from IBM, USA. The product enables access management control through integrated devices for web, mobile and cloud computing. IBM Security Access Manager Docker is vulnerable to a privilege permission and...