2 matches found
CVE-2022-30451
An authenticated user could execute code via a SQLi vulnerability in waimairenCMS before version 9.1...
PYSEC-2021-95
The aaugustin websockets library before 9.1 for Python has an Observable Timing Discrepancy on servers when HTTP Basic Authentication is enabled with basicauthprotocolfactorycredentials=.... An attacker may be able to guess a password via a timing attack...