10 matches found
EUVD-2021-19469
Malware in sbrugna...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization through improper enforcement of channel member permissions for playbook run participants. An attacker without the 'Manage Channel Members' permission can add or remove users from public and private channels by...
CVE-2021-32646
Roomer is a discord bot cog extension which provides automatic voice channel generation as well as private voice and text channels. A vulnerability has been discovered allowing discord users to get the manage channel permissions in a private VC they have joined. This allowed them to make changes ...
PT-2024-28723 · Unknown · Red Discord Bot
Name of the Vulnerable Software and Affected Versions: Red-DiscordBot versions prior to 3.5.10 Description: A bug in Red's Core API may authorize a user to run a command even when that user doesn't have permissions to manage a channel. This issue affects 3rd-party cogs using the @commands.can...
CVE-2021-32646
Roomer is a discord bot cog extension which provides automatic voice channel generation as well as private voice and text channels. A vulnerability has been discovered allowing discord users to get the manage channel permissions in a private VC they have joined. This allowed them to make changes ...
CVE-2018-8057
A SQL Injection vulnerability exists in Western Bridge Cobub Razor 0.8.0 via the channelname or platform parameter in a /index.php?/manage/channel/addchannel request, related to /application/controllers/manage/channel.php...
Design/Logic Flaw
Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via an invalid channelname parameter to /index.php?/manage/channel/addchannel or a direct request to /export.php...
CVE-2018-8056
Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via an invalid channelname parameter to /index.php?/manage/channel/addchannel or a direct request to /export.php...
CVE-2018-8056
Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via an invalid channelname parameter to /index.php?/manage/channel/addchannel or a direct request to /export.php...
CVE-2018-8057
A SQL Injection vulnerability exists in Western Bridge Cobub Razor 0.8.0 via the channelname or platform parameter in a /index.php?/manage/channel/addchannel request, related to /application/controllers/manage/channel.php...