CVE-2025-60427
LibreTime 3.0.0-alpha.10 and possibly earlier is vulnerable to Broken Access Control, where a user with the DJ role can access analytics data via the Web UI and direct API calls. The backend does not verify role-based permissions for analytics endpoints, allowing unauthorized retrieval of...
EUVD-2013-1105
Malware in sbrugna...
CVE-2013-1065
backend.py in Jockey before 0.9.7-0ubuntu7.11 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related...
CVE-2024-2712
A vulnerability, which was classified as critical, has been found in Campcodes Complete Online DJ Booking System 1.0. This issue affects some unknown processing of the file /admin/user-search.php. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated...
Campcodes Complete Online DJ Booking System SQL Injection Vulnerability
Campcodes Complete Online DJ Booking System is an online DJ booking system from Campcodes, Inc. A SQL injection vulnerability exists in version 1.0 of the Campcodes Complete Online DJ Booking System, which originates from a SQL injection vulnerability in the searchdata parameter of the...
CVE-2024-2715
A vulnerability was found in Campcodes Complete Online DJ Booking System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/user-search.php. The manipulation of the argument searchdata leads to cross site scripting. The attack may be launche...
Campcodes Complete Online DJ Booking System Cross-Site Scripting Vulnerability
Campcodes Complete Online DJ Booking System is an online DJ booking system from Campcodes, Inc. A cross-site scripting vulnerability exists in version 1.0 of the Campcodes Complete Online DJ Booking System, which stems from a cross-site scripting vulnerability in the adminname parameter of the...
[USN-2747-1] NVIDIA graphics drivers vulnerability
Ubuntu Security Notice USN-2747-1, September 28, 2015: nvidia-graphics-drivers-304, nvidia-graphics-drivers-304-updates, nvidia-graphics-drivers-340, nvidia-graphics-drivers-340-updates, nvidia-graphics-drivers-346,...
Ubuntu: Security Advisory (USN-2747-1)
The remote host is missing an update for the...
CVE-2013-1065
CVE-2013-1065 : backend.py in Jockey prior to 0.9.7-0ubuntu7.11 does not properly use D-Bus for polkit communication, enabling local bypass of access restrictions via a PolkitUnixProcess PolkitSubject race (noted as related to CVE-2013-4288). Impact is a local privilege bypass with by-passing pol...
Ubuntu: Security Advisory (USN-1957-1)
The remote host is missing an update for the...
Ubuntu Update for jockey USN-1957-1
Check for the Version of jockey
Ubuntu 12.04 LTS : jockey vulnerability (USN-1957-1)
It was discovered that Jockey was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has...
USN-1957-1: Jockey vulnerability
It was discovered that Jockey was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations...