CVE-2023-26493 Command Injection in Cocos Engine workflow

Cocos Engine is an open-source framework for building 2D & 3D real-time rendering and interactive content. In the github repo for Cocos Engine the web-interface-check.yml was subject to command injection. The web-interface-check.yml was triggered when a pull request was opened or updated and...

Authentication flaw

Akaunting version 2.1.12 and earlier suffers from an authentication bypass issue in the user-controllable field, companies0. This issue was fixed in version 2.1.13 of the product...

CVE-2021-36801 Akaunting Authentication Bypass in Company Selection

Akaunting version 2.1.12 and earlier suffers from an authentication bypass issue in the user-controllable field, companies0. This issue was fixed in version 2.1.13 of the product...