746 matches found
CVE-2026-7716
A vulnerability was found in code-projects Gym Management System In PHP and Windows NT 1.0. This vulnerability affects unknown code of the file /index.php. Performing a manipulation of the argument day results in sql injection. The attack can be initiated remotely. The exploit has been made publi...
CVE-2026-43948
wger is a free, open-source workout and fitness manager. Prior to 2.6, the resetuserpassword and gympermissionsuseredit views in wger perform a gym-scope authorization check using Python object comparison != that evaluates None != None as False, silently bypassing the guard when both the attacker...
GHSA-MW8F-W6P8-XRF4 wger: cross-tenant account deletion / deactivation / activation by gym.manage_gym + gym=None
Summary GHSA-mhc8-p3jx-84mm CVE-2026-43948 reported that wger's resetuserpassword and gympermissionsuseredit views in wger/gym/views/user.py performed a gym-scope authorization check using Django ORM object comparison if request.user.userprofile.gym != user.userprofile.gym which silently passes...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization in the authorization process in UserDeactivateView, UserActivateView, and delete in wger/core/views/user.py due to improper gym-scope checks when both the attacker and victim have gym=None. An attacker with the...
wger: cross-tenant account deletion / deactivation / activation by gym.manage_gym + gym=None
Summary GHSA-mhc8-p3jx-84mm CVE-2026-43948 reported that wger's resetuserpassword and gympermissionsuseredit views in wger/gym/views/user.py performed a gym-scope authorization check using Django ORM object comparison if request.user.userprofile.gym != user.userprofile.gym which silently passes...
arbor-ai (>=0.1.5 <=0.1.14), coreason-runtime (>=0.1.0 <=0.31.0) +10 more potentially affected by CVE-2026-7304 via sglang (>=0.4.5 <=0.5.2)
sglang PYPI version =0.4.5, =0.1.5, =0.1.0, =1.1.0, =2.0.0b40, =0.0.1, =0.1.0, =0.1.0, =0.0.1.post1, =0.0.0, =0.8.0, =0.10.7 Source cves: CVE-2026-7304 Source advisory: SNYK:PYTHON-SGLANG-17111815...
GHSA-9QPR-VC49-HQG2 wger: Privilege escalation via trainer-login session chaining allows gym trainer to impersonate gym manager
Summary A gym trainer can escalate their session to any higher-privileged account gym manager, general manager by chaining two calls to the trainer-login endpoint. Once a trainer performs a legitimate switch into a low-privileged user, the session flag trainer.identity is set and this flag alone...
wger: Privilege escalation via trainer-login session chaining allows gym trainer to impersonate gym manager
Summary A gym trainer can escalate their session to any higher-privileged account gym manager, general manager by chaining two calls to the trainer-login endpoint. Once a trainer performs a legitimate switch into a low-privileged user, the session flag trainer.identity is set and this flag alone...
CVE-2026-43948 wger: cross-tenant password reset and plaintext disclosure via gym=None bypass
wger is a free, open-source workout and fitness manager. Prior to 2.6, the resetuserpassword and gympermissionsuseredit views in wger perform a gym-scope authorization check using Python object comparison != that evaluates None != None as False, silently bypassing the guard when both the attacker...
CVE-2026-43948
Summary (CVE-2026-43948 / GHSA-mhc8-p3jx-84mm): In wger, password reset and gym-permissions edits allow a user with gym.manage_gym and gym=None to reset another gym=None user’s password and receive the plaintext password in the HTML response. Root cause: Django ORM object comparison (request.user...
wger security vulnerability
WGER is an open-source project developed by the WGER Team, built using Django for hosting self-hosted FLOSS fitness/exercise, nutrition, and weight tracking applications. Versions of WGER prior to 2.6 contained security vulnerabilities. These vulnerabilities stemmed from the use of Python object...
GHSA-MHC8-P3JX-84MM wger: cross-tenant password reset and plaintext disclosure via gym=None bypass
Summary The resetuserpassword and gympermissionsuseredit views in wger perform a gym-scope authorization check using Python object comparison != that evaluates None != None as False, silently bypassing the guard when both the attacker and victim have no gym assignment gym=None. A user with...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization in the resetuserpassword and gympermissionsuseredit function when both the attacker and victim have gym=None. An attacker can gain unauthorized access to another user's account, obtain their new plaintext passwor...
wger: cross-tenant password reset and plaintext disclosure via gym=None bypass
Summary The resetuserpassword and gympermissionsuseredit views in wger perform a gym-scope authorization check using Python object comparison != that evaluates None != None as False, silently bypassing the guard when both the attacker and victim have no gym assignment gym=None. A user with...
PT-2026-38284
Name of the Vulnerable Software and Affected Versions wger versions prior to 2.6 Description An authorization bypass exists in the reset user password and gym permissions user edit views. The system performs a gym-scope authorization check using a Python object comparison that evaluates None !=...
CVE-2026-7716 code-projects Gym Management System In PHP/Windows NT index.php sql injection
A vulnerability was found in code-projects Gym Management System In PHP and Windows NT 1.0. This vulnerability affects unknown code of the file /index.php. Performing a manipulation of the argument day results in sql injection. The attack can be initiated remotely. The exploit has been made publi...