26 matches found
CVE-2026-62327
The vulnerability concerns 9Router up to version 0.4.41. An unauthenticated request to the Next.js API route /api/usage/stats is possible due to missing authentication middleware, leading to exposure of plaintext API keys for all connected AI provider accounts, along with token counts, costs and ...
PT-2026-57906
Name of the Vulnerable Software and Affected Versions 9Router versions prior to 0.4.42 Description An unauthenticated information disclosure issue exists where remote attackers can retrieve plaintext API keys for all connected AI provider accounts. This occurs due to missing authentication...
CVE-2026-56281 Capgo - SQL Injection via Unvalidated limit Parameter in Admin Stats Endpoint
Capgo before 12.128.2 contains a sql injection vulnerability in the POST /private/adminstats endpoint where the limit parameter is destructured from unvalidated request body and interpolated directly into Cloudflare Analytics Engine SQL queries via template literals. An attacker with platform adm...
CVE-2026-56281
Capgo before 12.128.2 contains a SQL injection in POST /private/admin_stats: the limit parameter is destructured from an unvalidated request body and interpolated directly into Cloudflare Analytics Engine SQL queries via template literals. An attacker with platform admin credentials can inject SQ...
CVE-2026-56281 Capgo - SQL Injection via Unvalidated limit Parameter in Admin Stats Endpoint
Capgo before 12.128.2 contains a sql injection vulnerability in the POST /private/adminstats endpoint where the limit parameter is destructured from unvalidated request body and interpolated directly into Cloudflare Analytics Engine SQL queries via template literals. An attacker with platform adm...
EUVD-2026-43223
Capgo before 12.128.2 contains an information disclosure vulnerability in the Supabase PostgREST globalstats endpoint that allows unauthenticated attackers to read sensitive financial and operational metrics using only the public apikey. Remote attackers can query the /rest/v1/globalstats endpoin...
CVE-2026-56238
Capgo before 12.128.2 is affected by an information-disclosure vulnerability in the Supabase PostgREST global_stats endpoint that allows unauthenticated attackers to read sensitive financial and operational metrics via /rest/v1/global_stats using only a public apikey. Risks include exposure of MR...
CVE-2026-56240
Capgo before 12.128.12 contains a billing authorization bypass vulnerability in the planvalid calculation that allows organizations with exhausted or expired usage credit grants to bypass billing gates. Attackers can exploit the divergence between the plugin hot-path planvalid expression and the...
CVE-2026-56240 Capgo - Billing Authorization Bypass via Exhausted Usage Credits
Capgo before 12.128.12 contains a billing authorization bypass vulnerability in the planvalid calculation that allows organizations with exhausted or expired usage credit grants to bypass billing gates. Attackers can exploit the divergence between the plugin hot-path planvalid expression and the...
wger Vulnerable to IDOR: Authenticated Users Can Read Any User's Private Workout Session Data via Template Routine API
Summary Any authenticated user can read another user's private workout session notes, exercise history, and training statistics by calling the /logs/ and /stats/ actions on a routine they do not own. The RoutinePermission class grants read access to any authenticated user when a routine has...
GHSA-CJ9G-27PH-4CGV wger Vulnerable to IDOR: Authenticated Users Can Read Any User's Private Workout Session Data via Template Routine API
Summary Any authenticated user can read another user's private workout session notes, exercise history, and training statistics by calling the /logs/ and /stats/ actions on a routine they do not own. The RoutinePermission class grants read access to any authenticated user when a routine has...
CVE-2026-33141
Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, an Insecure Direct Object Reference IDOR vulnerability in the REST API stats endpoint allows any authenticated user including low-privilege students with ROLEUSER to read any other user's learning progress, certificates, and...
CVE-2026-33141 Chamilo LMS has an IDOR in REST API Stats Endpoint Exposes Any User's Learning Data
Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, an Insecure Direct Object Reference IDOR vulnerability in the REST API stats endpoint allows any authenticated user including low-privilege students with ROLEUSER to read any other user's learning progress, certificates, and...
CVE-2026-33141
Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, an Insecure Direct Object Reference IDOR vulnerability in the REST API stats endpoint allows any authenticated user including low-privilege students with ROLEUSER to read any other user's learning progress, certificates, and...
CVE-2026-33141
Chamilo LMS contains an IDOR in the REST API stats endpoint (CVE-2026-33141). Prior to version 2.0.0-RC.3, any authenticated user (including ROLE_USER) could read another user’s learning progress, certificates, and gradebook scores for any course without enrollment or supervisory relationship. Th...
EUVD-2026-17648
AVideo: Unauthenticated Live Stream Termination via RTMP Callback onpublishdone.php...
AVideo: Unauthenticated Live Stream Termination via RTMP Callback on_publish_done.php
Summary The AVideo onpublishdone.php endpoint in the Live plugin allows unauthenticated users to terminate any active live stream. The endpoint processes RTMP callback events to mark streams as finished in the database, but performs no authentication or authorization checks before doing so. An...
CVE-2026-31799 Tautulli: SQL Injection in get_home_stats API endpoint via unsanitised filter parameters
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. From version 2.14.2 to before version 2.17.0 for parameters "before" and "after" and from version 2.1.0-beta to before version 2.17.0 for parameters "sectionid" and "userid", the /api/v2?cmd=gethomestats endpoint passe...
EUVD-2026-17206
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. From version 2.14.2 to before version 2.17.0 for parameters "before" and "after" and from version 2.1.0-beta to before version 2.17.0 for parameters "sectionid" and "userid", the /api/v2?cmd=gethomestats endpoint passe...
CVE-2026-31799 Tautulli: SQL Injection in get_home_stats API endpoint via unsanitised filter parameters
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. From version 2.14.2 to before version 2.17.0 for parameters "before" and "after" and from version 2.1.0-beta to before version 2.17.0 for parameters "sectionid" and "userid", the /api/v2?cmd=gethomestats endpoint passe...