4 matches found
Incorrect Authorization
Overview pimcore/pimcore is a content & product management framework CMS/PIM/E-Commerce. Affected versions of this package are vulnerable to Incorrect Authorization through inconsistent authorization checks between the report listing and detail retrieval endpoints. An attacker can access sensitiv...
PT-2026-43628
Summary The columnConfigAction endpoint in the CustomReportsBundle is vulnerable to SQL injection. An attacker with the reports config permission can supply a malicious SQL configuration that is concatenated into a query and executed. Although the application attempts to filter certain DDL/DML...
EUVD-2024-22968
Malicious code in bioql PyPI...
UBUNTU-CVE-2024-48898
A vulnerability was found in Moodle. Users with access to delete audiences from reports could delete audiences from other reports that they do not have permission to delete from...