6 matches found
CVE-2026-41317
Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service SaaS.press.api.account.createapisecret is prone to CSRF-like exploits. This endpoint writes to database and it is also accessible via GET method. The patch in commit...
CVE-2026-41317
Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service SaaS.press.api.account.createapisecret is prone to CSRF-like exploits. This endpoint writes to database and it is also accessible via GET method. The patch in commit...
VulnCheck KEV: CVE-2011-4085
The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform before 5.1.2, SOA Platform before 5.2.0, BRMS Platform before 5.3.0, and Portal Platform before 4.3 CP07 perform access control only for the GET and POST methods, which allow remote attackers to bypass authentication ...
Fedora 23 : glpi-0.90.3-1.fc23 (2016-a099d11840)
Version 0.90.3 security update to prevent a minor vulnerability fix issues with post-only ticket form See changelog for more details. ---- Version 0.90.2 Include bugfixes and some minor features : An alert in central page when some of your mysql tables are marked as crashed A better flexibility i...
Fedora 22 : glpi-0.90.3-1.fc22 (2016-657a4a658e)
Version 0.90.3 security update to prevent a minor vulnerability fix issues with post-only ticket form See changelog for more details. ---- Version 0.90.2 Include bugfixes and some minor features : An alert in central page when some of your mysql tables are marked as crashed A better flexibility i...
Fedora 24 : glpi-0.90.3-1.fc24 (2016-9db4add326)
Version 0.90.3 security update to prevent a minor vulnerability fix issues with post-only ticket form See changelog for more details. ---- Version 0.90.2 Include bugfixes and some minor features : An alert in central page when some of your mysql tables are marked as crashed A better flexibility i...