6 matches found
CVE-2025-70148
Missing authentication and authorization in printmembershipcard.php in CodeAstro Membership Management System 1.0 allows unauthenticated attackers to access membership card data of arbitrary users via direct requests with a manipulated id parameter, resulting in insecure direct object reference...
CVE-2025-70148
Missing authentication and authorization in printmembershipcard.php in CodeAstro Membership Management System 1.0 allows unauthenticated attackers to access membership card data of arbitrary users via direct requests with a manipulated id parameter, resulting in insecure direct object reference...
CVE-2025-70148
Missing authentication and authorization in printmembershipcard.php in CodeAstro Membership Management System 1.0 allows unauthenticated attackers to access membership card data of arbitrary users via direct requests with a manipulated id parameter, resulting in insecure direct object reference...
PT-2026-1315
Name of the Vulnerable Software and Affected Versions Coolify versions prior to and including 4.0.0-beta.420.8 Description Coolify is a self-hostable tool for managing servers, applications, and databases. The /api/v1/teams/team id/members and /api/v1/teams/current/members API endpoints allow...
EUVD-2024-17047
Malicious code in bioql PyPI...
PT-2024-32456 · Cvat · Cvat
Name of the Vulnerable Software and Affected Versions: Computer Vision Annotation Tool CVAT versions prior to 2.19.1 Description: The issue allows an attacker with a CVAT account to retrieve certain information about any project, task, job, or membership resource on the CVAT instance. This...