GHSA-589Q-75R3-MFQ4 Silverstripe has Incorrect Default Permissions

SilverStripe 4.5.0 allows attackers to read certain records that should not have been placed into a result set. This affects silverstripe/recipe-cms. The automatic permission-checking mechanism in the silverstripe/graphql module does not provide complete protection against lists that are limited...

CVE-2021-41928

SQL injection in Sourcecodester Try My Recipe Recipe Sharing Website - CMS 1.0 by oretnom23, allows attackers to execute arbitrary code via the rid parameter to the viewrecipe page...