Kargo has Missing Authorization Vulnerabilities in Approval & Promotion REST API Endpoints

Summary Kargo's authorization model includes a promote verb -- a non-standard Kubernetes "dolphin verb" -- that gates the ability to advance Freight through a promotion pipeline. This verb exists to separate the ability to manage promotion-related resources from the ability to trigger promotions,...

EUVD-2022-52295

Malicious code in bioql PyPI...

CVE-2023-2065

Authorization Bypass Through User-Controlled Key vulnerability in Armoli Technology Cargo Tracking System allows Authentication Abuse, Authentication Bypass.This issue affects Cargo Tracking System: before 3558f28...

CVE-2023-1856

A vulnerability has been found in SourceCodester Air Cargo Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/transactions/trackshipment.php of the component GET Parameter Handler. The manipulation of the argument id lea...

CVE-2022-30367

Air Cargo Management System v1.0 is vulnerable to file deletion via /acms/classes/Master.php?f=deleteimg...

CVE-2022-30373

Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/cargotypes/managecargotype.php?id=...

Air Cargo Management System SQL注入漏洞

Air Cargo Management System is an air cargo management system. version 1.0 of Air Cargo Management System is vulnerable to a SQL injection vulnerability in /acms/classes/Master.php?f=deletecargotype which lacks a filter and escape for the parameter The vulnerability is caused by a lack of filteri...

Air Cargo Management System SQL注入漏洞

Air Cargo Management System is an air cargo management system. version 1.0 of Air Cargo Management System is vulnerable to SQL injection, which originates from /acms/admin/?page=transactions/managetransaction& id=Lack of filtering and escaping for parameters, an attacker can use this vulnerabilit...

Air Cargo Management System SQL注入漏洞

Air Cargo Management System, an air cargo management system, is vulnerable to a SQL injection vulnerability in version 1.0 of Air Cargo Management System, which originates from /acms/admin/cargotypes/managecargotype.php?id= Lack of filtering and escaping of parameters can be exploited to execute...

Air Cargo Management System SQL注入漏洞

Air Cargo Management System is an air cargo management system. a SQL injection vulnerability exists in Air Cargo Management System version 1.0, which originates from /acms/admin/cargotypes/viewcargotype.php?id=missing For the filtering and escaping of parameters, an attacker can use this...

CVE-2022-26169

Air Cargo Management System v1.0 was discovered to contain a SQL injection vulnerability via the refcode parameter...