6 matches found
EUVD-2025-30751
Malicious code in bioql PyPI...
CVE-2025-59797
Profession Fit 5.0.99 Build 44910 allows authorization bypass via a direct request for /api/challenges/id and also URLs for eversports, the user-management page, and the plane page...
CVE-2025-59797
Profession Fit 5.0.99 Build 44910 allows authorization bypass via a direct request for /api/challenges/id and also URLs for eversports, the user-management page, and the plane page...
PT-2025-38716
Name of the Vulnerable Software and Affected Versions: Profession Fit version 5.0.99 Build 44910. Description: The software allows bypassing authorization controls through direct requests to specific API endpoints and URLs. Specifically, a direct request to the /api/challenges/id endpoint allows...
CVE-2025-59797
Profession Fit 5.0.99 Build 44910 contains an authorization bypass vulnerability. The issue allows access via a direct request to the API endpoint /api/challenges/{id} and direct URL access to the eversports, user-management, and plane pages, indicating insufficient access control on these resour...
CVE-2025-59797
Profession Fit 5.0.99 Build 44910 allows authorization bypass via a direct request for /api/challenges/id and also URLs for eversports, the user-management page, and the plane page...