MCP-for-Stata: Command injection via log_file_name parameter in Stata command wrapper
Summary The log_file_name parameter in the statado API and CLI is directly interpolated into a Stata command string without sanitization. The security guard GuardValidator only scans the do-file content and does not validate this parameter. An attacker can inject arbitrary Stata commands including...
Shopware: Admin API ACL Bypass in Order State Transition Endpoints
Summary This is a vertical authorization bypass in the Admin API affecting order state transition features /api/action/order/orderId/state/transition and similar transaction/delivery transition routes. The root cause is that the transition action routes do not declare required server-side ACL...
GHSA-8V9P-G828-V98F Shopware: Admin Account Takeover via User Recovery Hash Exposure
Summary A low-privilege admin user with the userrecovery:read ACL can take over any admin account. The attacker triggers password recovery for the victim via the unauthenticated endpoint, reads the recovery hash from the Admin API search endpoint, then uses the hash to reset the victim's password another...
MINI-H83M-VMPP-32R9
Bulletin has no description...
MINI-3XR8-Q5X6-HC2M
Bulletin has no description...
MINI-6CVJ-Q28F-MQ25
Bulletin has no description...
MINI-965P-X22W-HF2W
Bulletin has no description...
MINI-P9F4-4MGM-782P
Bulletin has no description...
MINI-73Q2-5C26-9H3J
Bulletin has no description...
GHSA-9392-PJ54-QQF8 WWBN AVideo: Authenticated wallet credit bypass in AuthorizeNet processPayment endpoint
Summary plugin/AuthorizeNet/processPayment.json.php credits the logged-in user's wallet based only on the attacker-controlled amount POST parameter. The endpoint contains a TODO for real Authorize.Net charging, hardcodes $paymentSuccess = true, and then calls YPTWallet::addBalance without...
MINI-VV27-29Q5-RWWF
Bulletin has no description...
MINI-QC7P-X3M3-9H7P
Bulletin has no description...
MINI-94V4-34MJ-586V
Bulletin has no description...
MINI-QM66-V7CJ-V2R9
Bulletin has no description...
MINI-X64M-PC48-8M8F
Bulletin has no description...
MINI-JG23-2XH3-52MQ
Bulletin has no description...
MINI-JQ2P-4FMF-M4VC
Bulletin has no description...
MINI-3WV9-8GHM-M835
Bulletin has no description...
MINI-G47P-2R56-XHH9
Bulletin has no description...