11 matches found
CVE-2026-40603
Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew exposes a legacy dashboard route that returns a project's report data to any authenticated member of the same team, even when that user does n...
CVE-2026-40603
Chartbrew CVE-2026-40603 affects Chartbrew 4.9.0, where a legacy /api/project/dashboard/:brewName route exposes a project’s report data to any authenticated member of the same team, bypassing project-level authorization. This allows a low-privileged same-team user to read another project’s dashbo...
CVE-2026-40603 Chartbrew: Incorrect Access Control in /api/project/dashboard/:brewName via same-team override
Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew exposes a legacy dashboard route that returns a project's report data to any authenticated member of the same team, even when that user does n...
CVE-2026-40603
Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew exposes a legacy dashboard route that returns a project's report data to any authenticated member of the same team, even when that user does n...
CVE-2026-40603 Chartbrew: Incorrect Access Control in /api/project/dashboard/:brewName via same-team override
Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew exposes a legacy dashboard route that returns a project's report data to any authenticated member of the same team, even when that user does n...
EUVD-2026-26410
Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew exposes a legacy dashboard route that returns a project's report data to any authenticated member of the same team, even when that user does n...
PT-2026-36163
Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version 4.9.0, Chartbrew exposes a legacy dashboard route that returns a project's report data to any authenticated member of the same team, even when that user does n...
PT-2024-40936 · Minitrace · Minitrace
Name of the Vulnerable Software and Affected Versions: minitrace affected versions not specified Description: The minitrace maintainers have decided to stop maintaining minitrace and are instead continuing its development under a new organizational structure. As a result, minitrace is no longer...
Same Team E-shop manager - SQL Injection Exploit
No description provided by source...
Same Team E-shop manager - SQL Injection
Exploit Title: Same Team E-shop manager SQL Injection exploit Date: 19-06-2011 Author: Number 7 Software Link: http://www.sameteam.com.tn/site/fr/eshop-manager.23.html Tested on: Linux exploits: http://www.domain.com.tn/path/catalogue.php?idshop=7SQLI...
Same Team E-shop manager - SQL Injection
Same Team E-shop manager - SQL Injection Exploit Title: Same Team E-shop manager SQL Injection exploit Date: 19-06-2011 Author: Number 7 Software Link: http://www.sameteam.com.tn/site/fr/eshop-manager.23.html Tested on: Linux exploits: http://www.domain.com.tn/path/catalogue.php?idshop=7SQLI...