Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization in the resourceGetHandler process. An attacker can access the full content of text files within their authorized scope by sending requests to the /api/resources endpoint, bypassing the intended download permission...

CVE-2026-35606

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.1, the resourceGetHandler in http/resource.go returns full text file content without checking the Perm.Download permission flag. All three other...

CVE-2026-35606

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.1, the resourceGetHandler in http/resource.go returns full text file content without checking the Perm.Download permission flag. All three other...

Recurly Client Python Library Server-Side Request Forgery Attack Vulnerability

Recurly Client Python Library is a Python API wrapper for Recurly from Recurly USA. A server-side request forgery attack vulnerability exists in the 'Resource.get' method in the Recurly Client Python Library. An attacker could use this vulnerability to take control of API keys or other important...

PYSEC-2017-68

The Recurly Client Python Library before 2.0.5, 2.1.16, 2.2.22, 2.3.1, 2.4.5, 2.5.1, 2.6.2 is vulnerable to a Server-Side Request Forgery vulnerability in the "Resource.get" method that could result in compromise of API keys or other critical resources...

limewire480.txt

Summary: Recent versions of the LimeWire client contain vulnerabilities that allow a remote user access to many or all files on a users machine. LimeWire is a popular client for the Gnutella filesharing network. Vulnerability 1 - Inappropriate Handling of "resource get" requests. Symptom:A remote...