PT-2026-37123

Name of the Vulnerable Software and Affected Versions Kimai versions prior to 2.54.0 Description Team API endpoints in the TeamController.php file use the IsGranted'edit team' attribute instead of IsGranted'edit','team'. This causes the Symfony TeamVoter to abstain from voting, which removes...

EUVD-2024-17596

Malicious code in bioql PyPI...

CVE-2024-1871

A vulnerability, which was classified as problematic, was found in SourceCodester Employee Management System 1.0. Affected is an unknown function of the file /process/assignp.php of the component Project Assignment Report. The manipulation of the argument pname leads to cross site scripting. It i...

CVE-2024-1871 SourceCodester Employee Management System Project Assignment Report assignp.php cross site scripting

A vulnerability, which was classified as problematic, was found in SourceCodester Employee Management System 1.0. Affected is an unknown function of the file /process/assignp.php of the component Project Assignment Report. The manipulation of the argument pname leads to cross site scripting. It i...

Orangescrum 1.8.0 Privilege Escalation

Exploit Title: orangescrum 1.8.0 - Privilege escalation Authenticated Date: 07/10/2021 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Company: https://redteam.pl Vendor Homepage: https://www.orangescrum.org/ Software Link: https://www.orangescrum.org/ Version: 1.8.0 Teste...