Lucene search
K

5 matches found

NVD
NVD
added 2026/04/29 9:16 a.m.4 views

CVE-2026-42516

This vulnerability exists in e-Sushrut due to improper authorization checks during resource access. An authenticated attacker could exploit this vulnerability by manipulating encoded parameters in the request URL to gain unauthorized access to patient accounts on the targeted system...

7.1CVSS0.00226EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/04/10 8:59 p.m.9 views

Arcane has Unauthenticated SSRF with Conditional Response Reflection in Template Fetch Endpoint

Summary The /api/templates/fetch endpoint accepts a caller-supplied url parameter and performs a server-side HTTP GET request to that URL without authentication and without URL scheme or host validation. The server's response is returned directly to the caller. type. This constitutes an...

7.2CVSS5.8AI score0.00621EPSS
Exploits1References4Affected Software1
Snyk
Snyk
added 2025/03/20 12:32 p.m.2 views

Open Redirect

Overview fschat is an An open platform for training, serving, and evaluating large language model based chatbots. Affected versions of this package are vulnerable to Open Redirect via a specially crafted URL. An attacker can redirect users to arbitrary websites by manipulating the URL parameters...

6.1CVSS7AI score0.00764EPSS
Exploits1References2
OSV
OSV
added 2023/10/19 3:50 p.m.2 views

GHSA-FC75-58R8-RM3H Wagtail vulnerable to disclosure of user names via admin bulk action views

Impact A user with a limited-permission editor account for the Wagtail admin can make a direct URL request to the admin view that handles bulk actions on user accounts. While authentication rules prevent the user from making any changes, the error message discloses the display names of user...

2.7CVSS5.8AI score0.00454EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2022/02/01 12:26 p.m.5 views

CVE-2022-22792

MobiSoft - MobiPlus User Take Over and Improper Handling of url Parameters Attacker can navigate to specific url which will expose all the users and password in clear text. http://IP/MobiPlusWeb/Handlers/MainHandler.ashx?MethodName=GridData&GridName=Users...

7.5CVSS7.1AI score0.00582EPSS
Exploits0References2
Rows per page
Query Builder