CVE-2025-66553

Summary: Nextcloud Tables prior to 0.8.7 and 0.9.4 allows authenticated users to view column metadata of other tables by altering the numeric ID in a request, causing information disclosure. The issue is fixed in 0.8.7 and 0.9.4. Remediation: upgrade Nextcloud Tables to version 0.8.7 or later, or...

PT-2024-16252 · Code Projects · Code-Projects Blood Bank Management

Name of the Vulnerable Software and Affected Versions: code-projects Blood Bank Management version 1.0 Description: A critical issue affects the processing of the file /file/accept.php, where the manipulation of the reqid argument leads to SQL injection. The attack can be initiated remotely...

CVE-2024-45919

A security flaw has been discovered in Solvait version 24.4.2 that allows an attacker to elevate their privileges. By manipulating the Request ID and Action Type parameters in /AssignToMe/SetAction, an attacker can bypass approval workflows leading to unauthorized access to sensitive information ...

CVE-2024-45919

CVE-2024-45919 affects Solvait 24.4.2. The vulnerability arises from a flaw in the /AssignToMe/SetAction endpoint where manipulating Request ID and Action Type can bypass approval workflows, enabling privilege escalation and potential access to sensitive data or fraudulent approvals. Connected so...