59 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-58052
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Galette is a membership management web application for non profit organizations. Starting in version 0.9.6 and prior to version 1.2.0, attackers with group...
CVE-2025-58052
Galette is a membership management web application for non profit organizations. Starting in version 0.9.6 and prior to version 1.2.0, attackers with group manager role can bypass intended restrictions allowing unauthorized access and changes despite role-based controls. Since it requires...
CVE-2025-58052
Galette is a membership management web application for non profit organizations. Starting in version 0.9.6 and prior to version 1.2.0, attackers with group manager role can bypass intended restrictions allowing unauthorized access and changes despite role-based controls. Since it requires...
CVE-2025-58052 Galette has groups managers access control bypass on Members
Galette is a membership management web application for non profit organizations. Starting in version 0.9.6 and prior to version 1.2.0, attackers with group manager role can bypass intended restrictions allowing unauthorized access and changes despite role-based controls. Since it requires...
UBUNTU-CVE-2025-53922
Galette is a membership management web application for non profit organizations. Starting in version 1.1.4 and prior to version 1.2.0, a user who is logged in as group manager may bypass intended restrictions on Contributions and Transactions. Version 1.2.0 fixes the issue...
CVE-2025-53922
Galette is a membership management web application for non profit organizations. Starting in version 1.1.4 and prior to version 1.2.0, a user who is logged in as group manager may bypass intended restrictions on Contributions and Transactions. Version 1.2.0 fixes the issue...
CVE-2025-53922 Galette has access control bypass
Galette is a membership management web application for non profit organizations. Starting in version 1.1.4 and prior to version 1.2.0, a user who is logged in as group manager may bypass intended restrictions on Contributions and Transactions. Version 1.2.0 fixes the issue...
CVE-2025-53922
CVE-2025-53922 affects Galette, a membership management web app. From version 1.1.4 up to (but not including) 1.2.0, a user logged in as a group manager may bypass intended restrictions on the Contributions and Transactions features (an access-control bypass). The issue is fixed in version 1.2.0....
CVE-2025-53922 Galette has access control bypass
Galette is a membership management web application for non profit organizations. Starting in version 1.1.4 and prior to version 1.2.0, a user who is logged in as group manager may bypass intended restrictions on Contributions and Transactions. Version 1.2.0 fixes the issue...
PT-2025-52485
Name of the Vulnerable Software and Affected Versions: Galette versions 0.9.6 through 1.1.9. Description: Galette is a membership management web application designed for non-profit organizations. Individuals with the 'group manager' role can circumvent intended restrictions, enabling unauthorized...
PT-2025-52454
Galette is a membership management web application for non profit organizations. Starting in version 1.1.4 and prior to version 1.2.0, a user who is logged in as group manager may bypass intended restrictions on Contributions and Transactions. Version 1.2.0 fixes the issue...
EUVD-2021-26039
Malware in sbrugna...
EUVD-2008-6515
Malware in sbrugna...
EUVD-2016-0500
Malware in sbrugna...
CVE-2024-13263
Improper Neutralization of Directives in Statically Saved Code 'Static Code Injection' vulnerability in Drupal Opigno group manager allows PHP Local File Inclusion. This issue affects Opigno group manager: from 0.0.0 before 3.1.1...
CVE-2024-13263
Improper Neutralization of Directives in Statically Saved Code 'Static Code Injection' vulnerability in Drupal Opigno group manager allows PHP Local File Inclusion. This issue affects Opigno group manager: from 0.0.0 before 3.1.1...
CVE-2024-13263 Opigno group manager - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-027
Improper Neutralization of Directives in Statically Saved Code 'Static Code Injection' vulnerability in Drupal Opigno group manager allows PHP Local File Inclusion. This issue affects Opigno group manager: from 0.0.0 before 3.1.1...
CVE-2024-13263 Opigno group manager - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-027
Improper Neutralization of Directives in Statically Saved Code 'Static Code Injection' vulnerability in Drupal Opigno group manager allows PHP Local File Inclusion. This issue affects Opigno group manager: from 0.0.0 before 3.1.1...
CVE-2024-13263
CVE-2024-13263 affects Opigno group manager (versions 0.0.0 up to 3.1.1). The root cause is improper neutralization of directives in statically saved code (static code injection), which can lead to PHP Local File Inclusion. Several connected sources corroborate that this vulnerability enables arb...
Drupal Security Vulnerability
Drupal is an open source content management system developed using the PHP language by the Drupal community. A security vulnerability exists in Drupal Opigno group manager prior to version 3.1.1, which stems from improper neutralization of directives in statically saved code, resulting in ...