3 matches found
PT-2025-17429 · Joomla · Virtuemart
Name of the Vulnerable Software and Affected Versions: VirtueMart component versions 1.0.0 through 4.4.7 for Joomla Description: A SQL injection in the VirtueMart component for Joomla allows authenticated attackers, specifically administrators, to execute arbitrary SQL commands in the product...
PT-2025-16017 · W. W. Norton · W. W. Norton Inquizitive
Name of the Vulnerable Software and Affected Versions: W. W. Norton InQuizitive versions through 2025-04-08 Description: The issue allows students to insert arbitrary records of their quiz performance into the backend due to the existence of only client-side access control. This is related to a...
PT-2022-23193 · Shopware · Shopware
Name of the Vulnerable Software and Affected Versions: Shopware versions prior to 5.7.15 Description: The issue allows users to bypass the Access Control List ACL if backend admin controllers are called with a certain notation, enabling them to execute actions they are normally not able to do...