CVE-2026-47236
Solidtime is an open-source time-tracking app. Prior to version 0.12.2, Solidtime defines explicit invitations:view and members:view permissions that gate the official invitations and members API. The Jetstream web team page authorizes access with only belongsToTeam and then loads and...
EUVD-2025-2211
Malicious code in bioql PyPI...
Data Breach at New BreachForums: 4,000 members’ data leaked
By Waqas. BreachForums is a recently resurfaced alternative to the popular hacker and cybercrime forum, Breach Forums, which is now defunct. This is a post from HackRead.com. Read the original post: Data Breach at New BreachForums: 4,000 members data leaked...
Grafana Teams API IDOR
Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle user authorization. /teams/:teamId will allow an authenticated attacker to view unintended data by querying for the specific team ID,...
CVE-2020-6752
In OMERO before 5.6.1, group owners can access members' data in other groups...
iFdate Social Dating Script 2.0 - SQL Injection Vulnerability
Exploit for php platform in category web applications. Exploit Title: iFdate Social Dating Script v2.0 - SQL Injection; Google Dork: N/A; Date: 18.03.2017; Vendor Homepage: http://turnkeycentral.com/; Software: http://turnkeycentral.com/scripts/social-dating-script/; Demo:...