216 matches found
Jorani 安全漏洞
Jorani is a vacation management system developed by Benjamin BALET of France. It aims to provide small organizations with a simple workflow for vacation and overtime requests. Jorani versions 1.0.4 and earlier contained security vulnerabilities, which were caused by improper handling of entity...
Exploit for Improper Authorization in Summerpearlgroup Vacation_Rental_Management_Platform
No d...
EUVD-2025-37392
Summer Pearl Group Vacation Rental Management Platform prior to v1.0.2 does not properly invalidate active user sessions after a password change. This allows an attacker with a valid session token to maintain access to the account even after the legitimate user changes their password...
CVE-2025-63563
Summer Pearl Group Vacation Rental Management Platform prior to v1.0.2 does not properly invalidate active user sessions after a password change. This allows an attacker with a valid session token to maintain access to the account even after the legitimate user changes their password...
CVE-2025-63562
Summer Pearl Group Vacation Rental Management Platform prior to v1.0.2 suffers from insufficient server-side authorization. Authenticated attackers can call several endpoints and perform create/update/delete actions on resources owned by arbitrary users by manipulating request parameters e.g.,...
CVE-2025-63562
Summer Pearl Group Vacation Rental Management Platform prior to v1.0.2 suffers from insufficient server-side authorization. Authenticated attackers can call several endpoints and perform create/update/delete actions on resources owned by arbitrary users by manipulating request parameters e.g.,...
CVE-2025-63561
Summer Pearl Group Vacation Rental Management Platform prior to 1.0.2 is susceptible to a Slowloris-style Denial-of-Service DoS condition in the HTTP connection handling layer, where an attacker that opens and maintains many slow or partially-completed HTTP connections can exhaust the server’s...
CVE-2025-63561
Summer Pearl Group Vacation Rental Management Platform prior to 1.0.2 is susceptible to a Slowloris-style Denial-of-Service DoS condition in the HTTP connection handling layer, where an attacker that opens and maintains many slow or partially-completed HTTP connections can exhaust the server’s...
CVE-2025-63561
Summer Pearl Group Vacation Rental Management Platform prior to 1.0.2 is susceptible to a Slowloris-style Denial-of-Service DoS condition in the HTTP connection handling layer, where an attacker that opens and maintains many slow or partially-completed HTTP connections can exhaust the server’s...
Summer Pearl Group Vacation Rental Management Platform 安全漏洞
Summer Pearl Group Vacation Rental Management Platform is a vacation rental property management software platform from Summer Pearl Group, Greece. A security vulnerability exists in Summer Pearl Group Vacation Rental Management Platform versions prior to 1.0.2, which stems from a password change...
PT-2025-44672
Name of the Vulnerable Software and Affected Versions Summer Pearl Group Vacation Rental Management Platform versions prior to 1.0.2 Description The Summer Pearl Group Vacation Rental Management Platform is affected by a Denial-of-Service DoS condition. An attacker can exhaust the server’s...
Summer Pearl Group Vacation Rental Management Platform 安全漏洞
Summer Pearl Group Vacation Rental Management Platform is a vacation rental property management software platform from Summer Pearl Group, Greece. A security vulnerability exists in Summer Pearl Group Vacation Rental Management Platform versions prior to 1.0.2, which stems from insufficient...
CVE-2025-63561
CVE-2025-63561 affects the Summer Pearl Group Vacation Rental Management Platform prior to version 1.0.2 . The vulnerability is a Slowloris-style denial-of-service in the HTTP connection handling layer, where an attacker can open and maintain many slow or incomplete HTTP connections to exhaust th...
Nextcloud: BOLA/IDOR in Out-of-Office API allows any authenticated user to read other users' absence data
Summary The Out-of-Office OOO API endpoints at /ocs/v2.php/apps/dav/api/v1/outOfOffice/userId and /ocs/v2.php/apps/dav/api/v1/outOfOffice/userId/now suffer from a Broken Object Level Authorization BOLA vulnerability. Any authenticated user can retrieve the out-of-office data of any other user by...
EUVD-2020-4945
Malware in sbrugna...
EUVD-2012-6434
Malware in sbrugna...
EUVD-2005-0184
Malware in sbrugna...
EUVD-1999-0057
Malware in sbrugna...
EUVD-2010-4600
Malware in sbrugna...
EUVD-2008-3589
Malware in sbrugna...