3 matches found
CVE-2026-27595 Parse Dashboard has incomplete authentication on AI Agent endpoint
Parse Dashboard is a standalone dashboard for managing Parse Server apps. In versions 7.3.0-alpha.42 through 9.0.0-alpha.7, the AI Agent API endpoint POST /apps/:appId/agent has multiple security vulnerabilities that, when chained, allow unauthenticated remote attackers to perform arbitrary read...
EUVD-2023-23768
Malicious code in bioql PyPI...
CVE-2023-1524
The Download Manager WordPress plugin before 3.2.71 does not adequately validate passwords for password-protected files. Upon validation, a master key is generated and exposed to the user, which may be used to download any password-protected file on the server, allowing a user to download any fil...