Lucene search
+L

4 matches found

EUVD
EUVD
added 2026/06/28 11:0 a.m.9 views

EUVD-2026-39990

A security vulnerability has been detected in glpi-project glpi 11.0.5/11.0.6/11.0.7. This affects the function Document::canViewFile of the file front/document.send.php of the component Document Handler. Such manipulation of the argument docid leads to authorization bypass. The attack can be...

6.3CVSS5.4AI score0.00309EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/28 11:0 a.m.11 views

CVE-2026-13490

A security vulnerability has been detected in glpi-project glpi 11.0.5/11.0.6/11.0.7. This affects the function Document::canViewFile of the file front/document.send.php of the component Document Handler. Such manipulation of the argument docid leads to authorization bypass. The attack can be...

6.3CVSS5.4AI score0.00309EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/05/21 8:57 p.m.3 views

CVE-2026-8205 Concrete CMS 9.5.0 and below is vulnerable to authorization bypass in Calendar Block since action_get_events does not check canView on the calendar

Concrete CMS 9.5.0 and below is vulnerable to authorization bypass in the Calendar Block since actiongetevents does not check canView on the calendar which results in restricted event details being disclosed. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 6.3 with...

6.3CVSS6AI score0.00211EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/07/17 12:0 a.m.9 views

PT-2024-23108 · Silverstripe · Silverstripe/Reports

Name of the Vulnerable Software and Affected Versions: silverstripe/reports versions prior to 5.2.3 Description: The issue allows reports to be accessed by their direct URL by any user who has access to view the reports admin section, even if the canView method for that report returns false...

5.3CVSS6.8AI score0.00404EPSS
Exploits0References9
Rows per page
Query Builder