2 matches found
CVE-2026-4815
A SQL Injection vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to retrieve, create, update and delete database via 'calls0messageids' parameter in '/supportboard/include/ajax.php' endpoint...
Mattermost Server 9.11.x < 9.11.18 / 10.5.x < 10.5.9 / 10.11.0 Authorization Bypass (MMSA-2025-00502)
The version of Mattermost Server installed on the remote host is affected by a vulnerability as referenced in the MMSA-2025-00502 advisory. - Mattermost versions 10.5.x = 10.5.9 and 9.11.x = 9.11.17 fail to properly validate access controls which allows any authenticated user to download sensitiv...