3 matches found
Improper Authentication
Silverstripe/framework is vulnerable to Improper Authentication. The vulnerability is caused by improper user permission checks to verify if a user can login via the Member::canLogIn method, allowing an attacker to gain access to unapproved or revoked users by resetting the password...
Business Logic Flaws
phpmyfaq is vulnerable to Business Logic Flaws. The vulnerability exists in record.add.php due to improper user permission checks which allows an authenticated attacker with edit-only permissions to add and delete categories or add FAQs...
Improper Access Control
github.com/treeverse/lakefs is vulnerable to improper access control. The vulnerability exists because it does not perform sufficient user permission checks on repository actions, allowing an attacker to use the S3 gateway to copy object and read write actions on repository commits...