8 matches found
CVE-2026-39250
An authorization vulnerability exists in Innoshop 0.6.0. After logging into the frontend, an attacker can directly access backend application interfaces, leading to further dangerous operations...
CVE-2026-39250
An authorization vulnerability exists in Innoshop 0.6.0. After logging into the frontend, an attacker can directly access backend application interfaces, leading to further dangerous operations...
EUVD-2026-30979
An authorization vulnerability exists in Innoshop 0.6.0. After logging into the frontend, an attacker can directly access backend application interfaces, leading to further dangerous operations...
PT-2026-42008
Name of the Vulnerable Software and Affected Versions Innoshop version 0.6.0 Description An authorization issue allows an attacker who has logged into the frontend to directly access backend application interfaces, which can lead to the execution of dangerous operations. Recommendations At the...
CVE-2026-39250
An authorization vulnerability exists in Innoshop 0.6.0. After logging into the frontend, an attacker can directly access backend application interfaces, leading to further dangerous operations...
CVE-2020-37014
Tryton 5.4 contains a persistent cross-site scripting vulnerability in the user profile name input that allows remote attackers to inject malicious scripts. Attackers can exploit the vulnerability by inserting script payloads in the name field, which execute in the frontend and backend user...
EUVD-2025-199621
SiRcom SMART Alert SiSA allows unauthorized access to backend APIs. This allows an unauthenticated attacker to bypass the login screen using browser developer tools, gaining access to restricted parts of the application...
PT-2025-48047
SiRcom SMART Alert SiSA allows unauthorized access to backend APIs. This allows an unauthenticated attacker to bypass the login screen using browser developer tools, gaining access to restricted parts of the application...