13 matches found

OSV
added 2024/11/12 7:56 p.m. | 9 views

GHSA-CM46-GQF4-MV4F Orchid Platform has Method Exposure Vulnerability in Modals

Impact: This vulnerability is a method exposure issue (CWE-749: Exposed Dangerous Method or Function) in the Orchid Platform’s asynchronous modal functionality, affecting users of Orchid Platform versions 8 through 14.42.x. Attackers could exploit this vulnerability to call arbitrary methods within t...

CVSS 5.1 | AI score 4.5 | EPSS 0.00108
Exploits 0 | References 3

Github Security Blog
added 2024/11/12 7:56 p.m. | 15 views

Orchid Platform has Method Exposure Vulnerability in Modals

Impact: This vulnerability is a method exposure issue (CWE-749: Exposed Dangerous Method or Function) in the Orchid Platform’s asynchronous modal functionality, affecting users of Orchid Platform versions 8 through 14.42.x. Attackers could exploit this vulnerability to call arbitrary methods within t...

CVSS 4.1 | AI score 4.5 | EPSS 0.00108
Exploits 0 | References 3 | Affected Software 1

NVD
added 2024/11/11 8:15 p.m. | 7 views

CVE-2024-51992

Orchid is a @laravel package that allows for rapid application development of back-office applications, admin/user panels, and dashboards. This vulnerability is a method exposure issue (CWE-749: Exposed Dangerous Method or Function) in the Orchid Platform’s asynchronous modal functionality, affecti...

CVSS 4.1 | EPSS 0.00108
Exploits 0 | References 1

Vulnrichment
added 2024/11/11 7:17 p.m. | 11 views

CVE-2024-51992 Method Exposure Vulnerability in Modals in orchid/platform

Orchid is a @laravel package that allows for rapid application development of back-office applications, admin/user panels, and dashboards. This vulnerability is a method exposure issue (CWE-749: Exposed Dangerous Method or Function) in the Orchid Platform’s asynchronous modal functionality, affecti...

CVSS 4.1 | AI score 6.8 | EPSS 0.00108
Exploits 0 | References 1

CVE
added 2024/11/11 7:17 p.m. | 46 views

CVE-2024-51992

The CVE-2024-51992 issue affects Orchid Platform versions 8 through 14.42.x and stems from a method exposure vulnerability in the platform’s asynchronous modal functionality. The root cause is exposing dangerous methods within the Screen class, enabling an attacker to call arbitrary methods. Clai...

CVSS 4.1 | AI score 4.4 | EPSS 0.00108
Exploits 0 | References 1

Cvelist
added 2024/11/11 7:17 p.m. | 29 views

CVE-2024-51992 Method Exposure Vulnerability in Modals in orchid/platform

Orchid is a @laravel package that allows for rapid application development of back-office applications, admin/user panels, and dashboards. This vulnerability is a method exposure issue (CWE-749: Exposed Dangerous Method or Function) in the Orchid Platform’s asynchronous modal functionality, affecti...

CVSS 4.1 | EPSS 0.00108
Exploits 0 | References 1

NVD
added 2023/10/25 6:17 p.m. | 10 views

CVE-2023-42494

EisBaer Scada - CWE-749: Exposed Dangerous Method or Function...

CVSS 9.8 | AI score 8.1 | EPSS 0.00222
Exploits 0 | References 1

Prion
added 2023/10/25 6:17 p.m. | 12 views

Design/Logic Flaw

EisBaer Scada - CWE-749: Exposed Dangerous Method or Function...

CVSS 7.5 | AI score 9.4 | EPSS 0.00222
Exploits 0 | References 1 | Affected Software 1

CVE
added 2023/10/25 2:45 p.m. | 24 views

CVE-2023-42494

Concrete details found: EisBaer Scada is affected by CVE-2023-42494 (CWE-749: Exposed Dangerous Method or Function). The linked PT-2023-6570 entry states the issue involves dangerous methods/functions in the SCADA system and that exploitation may allow a remote attacker to execute arbitrary code;...

CVSS 9.8 | AI score 8.1 | EPSS 0.00222
Exploits 0 | References 1 | Affected Software 1

Cvelist
added 2023/10/25 2:45 p.m. | 25 views

CVE-2023-42494 EisBaer Scada - CWE-749: Exposed Dangerous Method or Function

EisBaer Scada - CWE-749: Exposed Dangerous Method or Function...

CVSS 7.5 | AI score 9.7 | EPSS 0.00222
Exploits 0 | References 1

OSV
added 2022/02/18 3:50 a.m. | 20 views

GSD-2022-1000077 CWE-749 in Dragos version all versions

In RigoBlock Dragos, all versions as of 2022-02-17 and later until a major protocol update is accomplished contain an exposed function (CWE-749), specifically setMultipleAllowances, which was not set to onlyOwner. The setMultipleAllowances function can be used to manipulate tokens with the contract...

AI score 7
Exploits 0 | References 4

Hacker One
added 2020/10/19 6:9 p.m. | 125 views

GitHub Security Lab: Java: CWE-749 Unsafe resource loading in Android WebView leaking to injection attacks

This bug was reported directly to GitHub Security Lab...

AI score 1.8
Exploits 0

Japan Vulnerability Notes
added 2020/07/08 12:0 a.m. | 86 views

JVN#93167107: Android App "Mercari" (Japan version) vulnerable to arbitrary method execution of Java object

Android App "Mercari" Japan version provided by Mercari, Inc. contains a vulnerability which may allow arbitrary Java method execution (CWE-749) due to inadequate restrictions on addJavascriptInterface of WebView class. Impact: An arbitrary method of a Java object may be executed by a remote attacker...

CVSS 8.1 | AI score 8.1 | EPSS 0.01475
Exploits 0