5 matches found
CVE-2026-49229
Affected software: Actual, a local-first personal finance app. Vulnerability summary: In OpenID multi-user mode prior to 26.6.0, disabling a user blocks future OpenID logins but does not revoke existing session tokens. The shared session validation path accepts any non-expired token, allowing a d...
CVE-2023-24648
Zstore v6.6.0 was discovered to contain a cross-site scripting XSS vulnerability via the component /index.php...
CVE-2024-23664
A URL redirection to untrusted site 'open redirect' in Fortinet FortiAuthenticator version 6.6.0, version 6.5.3 and below, version 6.4.9 and below may allow an attacker to to redirect users to an arbitrary website via a crafted URL...
CVE-2023-24648
Zstore v6.6.0 was discovered to contain a cross-site scripting XSS vulnerability via the component /index.php...
PT-2017-16160 · Blackberry · Qnx Sdp
Name of the Vulnerable Software and Affected Versions: BlackBerry QNX Software Development Platform SDP version 6.6.0 Description: The issue is related to an elevation of privilege vulnerability in the default configuration of the QNX SDP with QNet enabled. This could allow an attacker to access...