Lucene search
K

5 matches found

OSV
OSV
added 2026/05/27 10:34 p.m.10 views

GHSA-JWCC-GV4M-93X6 Pimcore has a CustomReports Share Bypass

Summary CustomReports uses inconsistent authorization between the report listing endpoint and the report detail endpoint. - The listing flow filters reports based on report-sharing rules - The detail flow only checks generic reports or reportsconfig permissions As a result, a low-privileged backe...

7.1CVSS5.8AI score0.00035EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/05/27 10:34 p.m.17 views

Pimcore has a CustomReports Share Bypass

Summary CustomReports uses inconsistent authorization between the report listing endpoint and the report detail endpoint. - The listing flow filters reports based on report-sharing rules - The detail flow only checks generic reports or reportsconfig permissions As a result, a low-privileged backe...

5.8AI score0.00035EPSS
Exploits0References5Affected Software1
Circl
Circl
added 2025/07/08 12:11 a.m.10 views

CVE-2025-7148

creationtimestamp| type| source ---|---|--- 2025-07-08 00:11:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ltfzalp2zr2e...

5.4CVSS7.3AI score0.00264EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/05/19 12:0 a.m.3 views

PHPGurukul Daily Expense Tracker System 安全漏洞

Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. The Daily Expense Tracker System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the fromdate/todate parameter of file...

9.8CVSS7.8AI score0.00478EPSS
Exploits1References5
OSV
OSV
added 2023/12/25 3:15 a.m.5 views

CVE-2023-7100

A vulnerability, which was classified as critical, was found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file /admin/bwdates-report-details.php. The manipulation of the argument fdate/tdate leads to sql injection. It is possible to launch the attack...

9.8CVSS5.7AI score0.0072EPSS
Exploits1References5
Rows per page
Query Builder